SDN pioneers gain visibility, control over bandwidth

Software-defined networks can give IT the agility and flexibility to manage today's dynamic data centers and private cloud infrastructures.

Public school teachers in Enfield, Conn., are active grant-getters. But while the technologies they bring into the classroom from those grants, such as lab carts with Apple iPads, are beneficial to students, they can also wreak havoc on network resources.

"School administrators would tell us that [voice over IP] phone calls were breaking up, and when we looked at utilization, we saw 90 iPads had downloaded a 15-minute educational video from Netflix at the same time," says Enfield CTO Paul Russell.

At one time, Russell would have addressed the problem by increasing the amount of Internet bandwidth to the town's 12 schools, overprovisioning to accommodate occasional bursts in activity from the hundreds of cloud-based educational applications teachers utilize. But Internet access was costing the town $100,000 for four 100Mbps connections (with the state providing a fifth 100Mbps connection), so Russell needed a more cost-effective and efficient solution.

Enfield chose to become a pioneer of software-defined networking, or SDN, to build flexibility and agility into the network that supports 5,000 K-12 students and 4,000 devices. SDN decouples the control and forwarding planes in switches and routers, enabling IT to fine-tune network resource allocation. With an abstracted software-based controller, IT can dynamically manage traffic flows across the enterprise.

Early adopters have charted their own paths to SDN's benefits. Some, like Enfield, are using SDN to gain visibility and control over bandwidth usage. Others are finding its power lies in centralizing and simplifying certain aspects of network management. Many have found the flexibility provided by SDN enables them to re-assign IT staff to other projects.

Research firm IHS Infonetics recently predicted that the market for SDN Ethernet switches and controllers will reach $13 billion in 2019, up from $718 million in 2014. The firm says the SDN market is still in a formative stage.

In some cases, SDN deployments require a forklift upgrade of switches and routers because organizations lack the necessary programmable interfaces. Enfield was fortunate that the Extreme Networks switches it purchased in 2012 were SDN-capable. "We haven't had to add anything to the switches to enact the SDN," Russell says.

In April, Russell launched an SDN pilot project at the elementary school that had the worst bandwidth battles. Using Extreme's SDN platform, which consists of software on a virtual server, teachers now are able to schedule when technology labs will be in session. The network then automatically directs resources to the associated carts for that period of time, while also protecting other traffic -- such as VoIP calls.

"We could have continued to pour money and resources into access, but schools don't need a gigabit of Internet access all day every day. In fact, we found they only need it 30% to 35% of the time," he says. With SDN, Russell is aiming to shrink network connectivity -- which he calls "the most expensive commodity" -- from five 100Mbps connections to three 20Mbps pipes capable of bursting to 100Mbps. If the test is successful, the town will save nearly $60,000 annually. In addition, with fewer pipes into and out of the buildings, there will be less chance of a security breach.

In fact, Russell is tackling a districtwide SDN deployment for the 2015-16 school year. Specifically, his goal is to have the technology in place in time for state testing so students, faculty and staff will have the resources they need. SDN also will help block non-essential resources such as cellphones and non-official machines, so users can't sap Internet resources or facilitate cheating. "We'll have proper provisioning across all schools," he says.

Easing network setup

At Atlanta-based JAS Forwarding Worldwide, an international freight forwarder that operates 270 offices in more than 80 countries, SDN has been a godsend, says CIO Mark Baker.

In the past, provisioning a new office involved numerous hassles, such as dealing with local providers on connectivity, trying to purchase JAS's preferred Cisco gear in the local market, and ensuring the appropriate level of security. Then an IT staffer would have to either fly to the location for the installation or spend a day on the phone talking an on-site employee through the process. Sometimes language barriers and currency differences would introduce more problems.

"We had such a hardware dependency that we'd either overbuy in hopes that the office would grow, or install minimum hardware and face possible delays in expansion later," Baker says.

The breaking point came three years ago when JAS debuted a new global ERP system. To visit each office and make the network changes necessary to support the new application would have been impossible, so Baker deployed Aryaka ONE, a cloud-based SDN-like service from Aryaka. The cloud-based service centralizes network resource management, enabling Baker to use generic off-the-shelf switches and routers and to automate bandwidth allocation and other application requirements.

Once IT negotiates a base connection with the local provider, the way the network delivers resources to the endpoint can be managed through the Aryaka ONE portal. "As an office grows, we can grow services from our data center and other vendors in the cloud," Baker says. "We can truly align with business needs."

As is the case with mainstream SDN technology, users of Aryaka ONE must have switches and routers with programmable interfaces and decoupled control and forwarding planes. Instead of undertaking a forklift upgrade to replace switches that don't have the necessary capabilities, JAS is replacing equipment as it wears out. "You could take an aggressive approach, but we've done it through attrition. Patience has been a virtue," Baker says.

He has made JAS's once-homogenous Cisco network more heterogeneous, using servers, routers and firewalls familiar to local users. "We have been able to acquire [gear] locally, sometimes at a lower cost," he says. Aryaka ONE is layered over that equipment for network resource control.

Baker says his biggest challenge has been the mindset of staffers. Network engineers are accustomed to hands-on configurations and were reluctant to embrace a more automated and aggregated approach. "The technology was the easy part; getting people to adapt and change is more difficult," he says.

With Aryaka's service, Baker was able to meet JAS's "very aggressive" deployment schedule for the global ERP system. "You could have the greatest application in the world, but the user experience dictates success or failure," he says.

An open-source approach

Resistance to change in IT is nothing new for Ram Appalaraju, an adviser to Open Networking Summit (ONS), a nonprofit that organizes events designed to accelerate SDN innovation and adoption. In addition to focusing on SDN's ability to disrupt the networking industry, ONS also promotes an open-source approach to network services delivery.

Brocade, Extreme, NEC, Fujitsu and Ciena are just a few of the switch manufacturers that have joined the open-source SDN movement. "We are encouraging vendors to embrace interoperability so that users have a choice of hardware that is best suited for the job," Appalaraju says. "We want to see the whole environment become programmable through open-source technologies so that deployments can be accelerated."

Separating the control plane from the data/forwarding plane is just the first step toward realizing the benefits of SDN, according to Appalaraju. "Real value is when the control plane is removed out of the switch or router and centralized to provide a single global view at scale through a server," he says. "Abstraction needs to happen the same way as we have seen with Linux on x86 servers," so businesses can use generic servers and "create a nimble experience" while reducing their capital expenditures.

Appalaraju says early SDN deployments he's seen have included orchestration of network services, management of network bandwidth and automation of network configurations.

Like Baker, Appalaraju says cultural and organizational change is necessary for SDN to flourish. "It's no longer about a network engineer or a server engineer," he says. "There has to be a confluence between the virtualization architect and network architect, and a move toward a DevOps model."

He adds that this shift will save businesses money because salaries keep rising for IT professionals who have the expertise necessary to run a network apart from other services. "SDN takes away the need for specialized skills," Appalaraju says.

Appalaraju says he's confident that SDN, along with virtualization of network functions, will become commonplace. "Servers and storage got virtualized; networks, which continue to be a problem, are next," he says.

Laying a foundation

As users like Russell and Baker wade deeper into SDN's waters, Andy Chun is just beginning to lay the groundwork for an SDN network.

Chun is CIO at City University of Hong Kong, which has 35,000 students and 4,000 faculty and staff members and is growing quickly. The institution recently implemented a four-year curriculum, a move that doubled the number of students and required a 30% increase in faculty members. IT supports the university proper, a community college and continuing education.

Deploying network services is especially difficult for Chun's IT team because as the university expands it's struggling with a problem that plagues Hong Kong: limited physical space. New employees have to take offices wherever space is available -- "they aren't always in the physical vicinity of their colleagues," Chun says -- and they're frequently moved.

IT has to ensure that everyone in a particular department has the same level of network access, no matter where they're located. That means Chun's team is regularly reconfiguring routers and switches and laying new cable.

Complicating matters even further is the fact that the university encourages cross-disciplinary collaboration.

"Trying to configure, maintain and change the network is incredibly demanding," Chun says. Noting that his team has already virtualized the computing and storage environments, he says, "SDN is the next logical step."

Currently, Chun and his team are upgrading and replacing hundreds of switches, routers and other devices so the university will be able to support SDN when it matures.

"The upgrade is an easy sell because of the growth," he says.

The school currently runs a multi-10G Ethernet core and 1G to the desktop. That will stay the same. "The speed on the surface might not seem a big change, but SDN and virtualization will help us optimize how we use it," Chun says. Noting that multiple links could be combined to bump up capacity and flexibility for an application or a user group, he says, "Overall performance and user satisfaction are sure to be higher."

With SDN, Chun will be able to control network services across five school buildings and a student residency hall via a dashboard. When a new faculty member comes on board, IT will be able to enter what network services the person will need and when he will need them. Once the schedule is set, the provisioning will happen automatically. SDN will also enable Chun to easily allow access to services that foster collaboration, such as file-sharing tools.

He says he expects that the SDN project, which will be done in late 2016 or early 2017, will free IT staffers to tend to other tasks, such as supporting a brand-new veterinary school.

A side benefit of SDN, according to Chun, is the ability to isolate networks in the event of a security threat. "We can make sure that no traffic goes out for a certain period of time, which is helpful in a distributed denial-of-service attack. We can limit the damage by limiting bandwidth available to the affected machine," he says.

Chun says everything about SDN sounds "cool and neat" and he envisions using the technology in many ways, but because SDN is fairly new, he acknowledges that he and his colleagues "have a lot to learn."

In Enfield, Russell says he hopes to find new uses for SDN as the technology matures. He has already mapped out ways it could be used in public safety for improved responses to emergencies and community events.

"You can't have high-dollar network resources fighting each other for bandwidth," Russell says. "SDN addresses these issues so you can continue to meet the business requirement to deploy new applications."

To express your thoughts on Computerworld content, visit Computerworld's Facebook page, LinkedIn page and Twitter stream.
Related:
Fix Windows 10 problems with these free Microsoft tools
Shop Tech Products at Amazon