The Tricky Part of Building a Control Plane
A Russ White Blog Series
In my last blog post, I considered two questions: what does a control plane really do, and what does a forwarding device really look like? Before continuing to our final destination—a better understanding of what an SDN is, and what the fuss is all about—we need to back up to the first post in this series, and reexamine the question of centralization and decentralization.
Take the following network as an example—
There are two ways device A can compute a path to device E:
- Device A can somehow learn about each of the other nodes in the network and how they are connected. Using this information, Device A can locally compute a path to E.
- Each device in the network can send its connectivity information to F, a centralized controller. The centralized controller can, in turn, compute a set of paths through the network and somehow install these forwarding paths on each device, so A now knows how to reach E.
But this simple model glosses over an important fact we considered in the last post—control planes not only compute the shortest path, they are also somehow involved in policy, or rather things like traffic engineering. To make this concept a bit more concrete, you might notice that there are actually three paths through which Device A can reach E: through B, C, and D. It’s simple enough for A to choose to use C or D because these two paths to E have the fewest hops through which traffic must pass. But what happens when we start to take congestion, link bandwidth, and other factors into account? Perhaps the best way to reach E isn’t through the shortest path, but rather through some longer path with specific characteristics better suited for the traffic being carried through the network.
This observation leads us directly back to the previous post, where we said control planes not only deal with reachability and topology, but also policy.
So now we can see there are actually four possible ways to construct a control plane, as shown in the chart below—
According to this model, a control plane can be built in one of three ways—
- With centralized policy and reachability, shown in red in the diagram above
- With decentralized policy and reachability, shown in green in the diagram above
- With centralized policy and decentralized reachability, shown in blue in the diagram above
What most distributed control planes have done in the past is to decentralize both policy and reachability. If you’re running an OSPF or IS-IS network, you have two options to make traffic from A flow through B rather than C or D towards E:
- You can tune the metrics on the links such that A calculates the best path through B rather than the other options
- You can instruct A to build a tunnel over which traffic towards E should be carried, and make certain (through some means) that B is in the path of this tunnel
There is a third option, of course—put a header on the packet that instructs traffic flowing from A to E to pass through B. There are multiple ways to accomplish this sort of source routing, but they are all (technically) outside the control plane, so I won’t consider them for the moment.
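The metric-tuning option above, worked through as an added example (not code from the original post). The figure is not reproduced here, so the topology, the default metric of 10, and the intermediate node G on the path through B are assumptions. It goes one step beyond the text by also checking a second destination, to show that a metric change made for A-to-E traffic can move A-to-D traffic as well.

```python
import heapq

# Constructed topology (assumption: stands in for the post's missing figure).
# Node G is hypothetical, added so the path via B is longer than via C or D.
LINKS = {("A", "B"): 10, ("B", "G"): 10, ("G", "E"): 10,
         ("A", "C"): 10, ("C", "E"): 10,
         ("A", "D"): 10, ("D", "E"): 10}

def build_graph(links):
    """Turn the link table into a symmetric adjacency map."""
    graph = {}
    for (u, v), metric in links.items():
        graph.setdefault(u, {})[v] = metric
        graph.setdefault(v, {})[u] = metric
    return graph

def shortest_path(links, src, dst):
    """Dijkstra SPF. Returns (cost, path); equal-cost ties break on path order."""
    graph = build_graph(links)
    heap = [(0, [src])]
    done = set()
    while heap:
        cost, path = heapq.heappop(heap)
        node = path[-1]
        if node == dst:
            return cost, path
        if node in done:
            continue
        done.add(node)
        for nbr, metric in graph[node].items():
            if nbr not in done:
                heapq.heappush(heap, (cost + metric, path + [nbr]))
    return None  # dst unreachable

def tune(links, changes):
    """Return a copy of the link table with some metrics overridden."""
    tuned = dict(links)
    tuned.update(changes)
    return tuned

if __name__ == "__main__":
    # Raise the metrics on A's links to C and D so the path via B wins.
    tuned = tune(LINKS, {("A", "C"): 45, ("A", "D"): 45})
    for name, table in (("default", LINKS), ("tuned", tuned)):
        for dst in ("E", "D"):
            print(name, "A ->", dst, shortest_path(table, "A", dst))
```

With these constructed values, raising the two metrics to 25 instead of 45 moves A-to-E onto B while leaving A-to-D on the direct link, which is the kind of coupling between destinations the operator has to reason about by hand.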
To return to the question at hand: what makes an SDN an SDN? The primary point seems to be that computing reachability is a difficult mathematical problem, but what really pulls complexity into the control plane is policy. Computing the shortest path from A to E is hard, but doable. Trying to get the traffic from A to E to pass through B and the traffic from A to D to pass through C, however, is the really tricky part of building a control plane. In fact, the original intent of SDNs, as a research project, was to centralize computation of paths through the network in order to find better ways to solve this policy problem.
There is one more question we need to answer, and then we can start considering how to break the various flavors of SDN (even those considered SDNs retroactively) apart, to start to understand what SDNs offer operators, and hence how SDNs impact the services providers can offer.