Automation and programmability - introduction
The logical planes of network functions (image courtesy of xrdocs.io)

This post introduces the topic of network automation and programmability. Three main areas are discussed: the benefits of network automation, the three logical planes of network functions (the data plane, the control plane, and the management plane), and the main components of SDN architecture.

This post covers topics 6.1 Explain how automation impacts network management and 6.2 Compare traditional networks with controller-based networking (Section 6.0 Automation and Programmability) of the CCNA exam topics list.

  • Benefits of network automation
  • Compare traditional networks with controller-based networking
  • The logical planes of network functions
  • The main components of SDN architecture
  • Key references


Benefits of network automation

Benefits of network automation include:

  • Reduced human error such as typos when entering commands.
  • More scalable networks. Network deployments, changes, and troubleshooting can be implemented in a fraction of the time.
  • Assured network-wide policy compliance, for example, making sure all devices have the proper standard configurations, all devices have the correct software versions, etc.

The improved efficiency of network operations reduces the operating expenses (opex) of the network. Each task requires fewer man-hours, freeing engineering staff to focus on more important things.

Compare traditional networks with controller-based SDN

Here is a brief comparison between traditional networks and controller-based SDN (software defined networking).

Traditional networks vs controller-based SDN (based on Dayal et al., 2016)

The logical planes of network functions

The various functions of network devices can be logically categorized into three planes: data plane, control plane, and management plane.

In traditional networking, the data plane and control plane are distributed throughout the network. Each network device (e.g., a router) has its own data plane and control plane.

In software-defined networking (SDN), the control plane and data plane are two distinct components that work together to manage and forward network traffic.

The separation of the control and data planes allows for more centralized and flexible control of the network, as well as the ability to automate many network tasks.

>The data plane (forwarding plane) is responsible for actually forwarding traffic (from one interface to another) according to the instructions from the control plane. It receives packets from the source, looks up the appropriate forwarding rule in its routing table, and then forwards the packet to the next hop.

So, for example, forwarding packets, translating source IP addresses of packets, and denying packets via an ACL are data plane functions (functions involved in forwarding messages).

>The control plane “controls” how the data plane operates. The control plane is responsible for making decisions about how to route traffic (e.g., by building the router’s routing table). It collects information about the network topology and traffic patterns, and then uses this information to create forwarding rules for the data plane.

So, for example, calculating routes is a function of the control plane.

The control plane performs overhead work, which includes gathering network state information, computing forwarding rules, maintaining network consistency, and implementing network policies (by sending instructions to the data plane).

Image courtesy of Jeremy McDowell
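
The split between the two planes described above, as an added example (not code from the original post): `build_fib` plays the control plane and picks the best route per prefix, while `forward` plays the data plane and applies an ACL followed by a longest-prefix match. All routes, addresses, and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data (not from the original post).
# Routes learned by the control plane: (prefix, next hop, administrative distance, metric)
LEARNED_ROUTES = [
    ("10.0.0.0/8", "192.0.2.1", 110, 20),    # learned via OSPF
    ("10.0.0.0/8", "192.0.2.9", 120, 3),     # learned via RIP: higher AD, so it loses
    ("10.1.0.0/16", "192.0.2.2", 110, 30),
    ("0.0.0.0/0", "192.0.2.254", 1, 0),      # static default route
]
# ACL entries: (action, source network). First match wins, implicit deny at the end.
ACL = [("deny", "203.0.113.0/24"), ("permit", "0.0.0.0/0")]

def build_fib(routes):
    """Control plane: keep the best route per prefix (lowest AD, then lowest metric)."""
    best = {}
    for prefix, next_hop, ad, metric in routes:
        net = ipaddress.ip_network(prefix)
        if net not in best or (ad, metric) < best[net][1:]:
            best[net] = (next_hop, ad, metric)
    return {net: entry[0] for net, entry in best.items()}

def acl_permits(src, acl):
    """Data plane filter: evaluate the source address against the ACL in order."""
    for action, network in acl:
        if ipaddress.ip_address(src) in ipaddress.ip_network(network):
            return action == "permit"
    return False  # implicit deny

def forward(fib, src, dst, acl=ACL):
    """Data plane: drop if the ACL denies, else return the longest-prefix next hop."""
    if not acl_permits(src, acl):
        return None
    addr = ipaddress.ip_address(dst)
    matches = [net for net in fib if addr in net]
    if not matches:
        return None
    return fib[max(matches, key=lambda net: net.prefixlen)]

# The control plane computes the table once; the data plane only consults it.
FIB = build_fib(LEARNED_ROUTES)
```

In an SDN deployment the equivalent of `build_fib` runs on the controller and the resulting table is pushed to each device, which then only executes the `forward` step.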

>The management plane is the layer responsible for configuring, monitoring, troubleshooting, and automating the network. It provides a centralized interface for network administrators to control the SDN controller and network devices.

The management plane interacts with both the control plane and the data plane. It communicates with the control plane to configure and monitor network behavior, and it interacts with the data plane to collect performance data and manage device configurations.

The management plane consists of protocols (such as SSH, Telnet, syslog, SNMP, and NTP) that manage network devices.

The management plane (like the control plane) performs overhead work. The management plane's overhead work includes provisioning and configuring network devices, monitoring network performance and health, identifying and diagnosing network issues, implementing and enforcing network policies, managing user access and security, performing software updates and patches, and providing a centralized management interface.

While the operations of the management plane are handled by the CPU, the operations of the data plane are handled by an ASIC (Application-Specific Integrated Circuit), a specialized chip designed for forwarding frames.

When a switch receives a frame, the ASIC (not the CPU) is responsible for the switching logic. The MAC address table is stored in TCAM (Ternary Content-Addressable Memory); CAM table is another name for the MAC address table.

The main components of SDN architecture

Traditional control planes use a distributed architecture. SDN, also called software-defined architecture (SDA) and Controller-Based Networking, centralizes the control plane into an app called the controller.

The controller can interact programmatically with network devices using APIs. An API, Application Programming Interface, is a set of rules that define how two applications can communicate with each other. The controller uses Southbound Interfaces (SBIs) to communicate with the devices it controls.

The controller uses the SBI to communicate with the managed devices and gather information about them (the topology, available interfaces, and configurations).

Image courtesy of Jeremy McDowell

The controller communicates with R1 and R2 to program their data planes.

An SBI consists of a communication protocol and an API. Examples of SBIs include OpenFlow (ONF), Cisco OpFlex, Cisco onePK, and NETCONF.

The external application uses Northbound Interfaces (NBIs) to interact with the controller, program it, and make changes in the network via the SBI. The NBI is typically implemented using a REST API (aka REST-based API and RESTful API).

REST, Representational State Transfer, is an architectural style for designing APIs. A REST API is an API that conforms to the design principles of the REST architectural style.

RESTful APIs are often used to build web applications as well as other types of distributed systems, such as microservices architectures.

REST defines a set of constraints that APIs should follow in order to be considered RESTful. These constraints include using HTTP verbs to represent actions (e.g., GET, POST, PUT, DELETE), using URIs to identify resources, using JSON or XML to represent data, and using HATEOAS to allow clients to navigate through resources.

A REST API is a way for two applications to communicate with each other using HTTP requests and responses. The external application will use a GET request to retrieve data from the controller, and a POST request to send data to the controller.

The external application uses a REST API (as an interface on the controller) to interact with the controller using HTTP requests. For example, the app sends a GET message to the API. The controller replies with the requested data in a structured (serialized) format such as JSON or XML.
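
The GET exchange described above, tied to the policy-compliance benefit listed earlier, as an added example (not code from the original post or from any real controller). The stub controller, the `/api/v1/devices` path, the token, and the inventory are all constructed; a production controller would be reached over HTTPS.

```python
import json, threading, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

TOKEN = "example-token"        # placeholder credential for the stub
REQUIRED_VERSION = "17.9.4"    # constructed policy value
INVENTORY = [                  # constructed sample inventory
    {"hostname": "R1", "version": "17.9.4", "mgmt": ["ssh"]},
    {"hostname": "R2", "version": "17.6.1", "mgmt": ["ssh"]},
    {"hostname": "SW1", "version": "17.9.4", "mgmt": ["ssh", "telnet"]},
]

class StubController(BaseHTTPRequestHandler):
    """Stands in for a controller's northbound REST API (hypothetical path)."""
    def do_GET(self):
        ok = (self.path == "/api/v1/devices"
              and self.headers.get("Authorization") == f"Bearer {TOKEN}")
        data = json.dumps({"devices": INVENTORY} if ok else {"error": "denied"}).encode()
        self.send_response(200 if ok else 401)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)
    def log_message(self, *args): pass   # keep the example quiet

def get_devices(base_url, token):
    """External app: GET the inventory over the NBI and deserialize the JSON reply."""
    req = urllib.request.Request(f"{base_url}/api/v1/devices",
                                 headers={"Authorization": f"Bearer {token}"})
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # no env proxy
    with opener.open(req, timeout=5) as resp:
        return json.load(resp)["devices"]

def find_violations(devices):
    """Policy check: required software version, no Telnet management access."""
    checks = {"version": lambda d: d["version"] != REQUIRED_VERSION,
              "telnet": lambda d: "telnet" in d["mgmt"]}
    found = {d["hostname"]: [n for n, bad in checks.items() if bad(d)] for d in devices}
    return {host: issues for host, issues in found.items() if issues}

def audit():
    """Start the stub on a free loopback port, query it, and return the violations."""
    with HTTPServer(("127.0.0.1", 0), StubController) as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        try:
            url = f"http://127.0.0.1:{server.server_port}"
            return find_violations(get_devices(url, TOKEN))
        finally:
            server.shutdown()
```

Calling `audit()` returns a mapping of each non-compliant hostname to the checks it failed; a request without the expected bearer token is answered with 401 instead of the inventory.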

The SDN architecture makes it easy to automate various tasks in the network via the SDN controller and APIs.


Key references

Bard, Google AI. "What are the logical planes of network functions." Bard, Google AI, 2023-11-06. Accessed 2023-11-06.

Bard, Google AI. "What are the main components of SDN architecture." Bard, Google AI, 2023-11-06. Accessed 2023-11-06.

Dayal, N., Maity, P., Srivastava, S., & Khondoker, R. (2016). Research trends in security and DDoS in SDN. Security and Communication Networks, 9(18), 6386-6411.

Free CCNA | Intro to Network Automation | Day 59 | CCNA 200-301 Complete Course

Wikipedia contributors. (2023, October 27). REST. In Wikipedia, The Free Encyclopedia.
