November 22, 2016

Software Defined Networking Fundamentals Part 2: Switches and Network Architecture

Explore Software Defined Networking Fundamentals today by downloading the free sample. Download Now

Join us in this three-part weekly blog series to get a sneak peek at The Linux Foundation's Software Defined Networking Fundamentals (LFS265) self-paced, online course. 

In part one, we introduced the historical background that led to the current virtualization innovation wave.  We then introduced the concept of data planes, control planes and management planes and highlighted the role of each.  In part two we will learn how traditional data switches are architected and how these planes are implemented.  You will learn a fundamental aspect of SDN, namely the separation of the data plane and the control plane.

Traditional Switches

The core of a traditional network switch is based on custom silicon, either an ASIC, FPGA or NPU.  Even though FPGAs and NPU’s can be modified in the field, they are still limited in functionality and relatively expensive. These hardware devices can forward packets based on Layer 2 and Layer 3 input at the requisite “wire speed.”   The trade off worth noting is performance over flexibility.   The control plane handles the routing functions and calculates the packet forwarding rules.  

The figure below illustrates a traditional non-SDN switch, with the following components:

• The transceivers (TRX), which are the ports transmitting or receiving communications on the medium (copper, optical, radio frequency, etc.).

An Application Specific Integrated Circuit (ASIC) is used to handle the incoming and outgoing data packets. An ASIC is a specialized purpose built silicon device that executes just a limited set of tasks, and, in this particular instance, do it very fast (up to 40Gbit/sec per port).

The Layer 2 and Layer 3 tables are the central building blocks the ASIC acts on.

To fulfill the demands of virtualized servers, Virtual Local Area Networks (VLANs) or Virtual Routing Functions (VRFs), new features have been added for better isolation of the hosts or virtualized machines: Access Control, Quality of Service (QoS), port groups, etc. Most of these features must be configured manually and in different ways for various vendors.


non-SDN switch
Figure 1: A traditional non-SDN switch.

Traditional Switches and the Three Planes

The next figure illustrates what a switch looks like when combining the components of a non-SDN switch with the data, control, and management planes:

• The transceivers (TRX) and the ASIC form the data plane.

• A general purpose CPU hosts both the control and management planes.

• The control plane handles the routing functions and is also responsible for calculating the forwarding rules.

• The management plane is used to set up and change the network switch configuration.


Management planes
Figure 2: Data, Control, and Management Planes in a Switch.

New Packet Arriving at a Switch

When a packet enters a switch the data plane looks for a forwarding rule based on information in the packet header.   If there’s a match the packet is sent on its way.  If there isn’t a match, the packet is sent to the control plane where routing (Layer 3) processing occurs and the packet is sent back to the data plane for forwarding to the appropriate output port. The control plane then adds the new forwarding rule to the Layer 2 forwarding table so subsequent similar packets are no longer exceptions and are forwarded at wire speed.

Here’s what happens when a new packet arrives:

1. A new packet arrives on the receiving port and is stored in a buffer.

2. If there is no rule matching this packet in the data plane, the control plane must decide what to do.

3. The control plane receives the packet from the data plane and executes the routing functions.

4. Then, the control plane stores the calculated action (e.g. output port) into the forwarding tables. Forwarding tables are stored in content-addressable memory, for fast and effective lookup and matching.

5. At this point, the data plane can apply the rules stored in the TCAM (Ternary Content- Addressable Memory).

6. The data plane forwards the packet to the output port.

7. The output port then transmits the packet over the medium.

The request to the control plane takes time, because the action needs to be calculated and because the CPU of the control plane runs at a lower speed.


new packet
Figure 3: New Network Packet Arriving at Switch.

Subsequent Packet Arriving at a Switch

The next packet arriving with the same source and destination will be forwarded based on the existing rules, as long as they are valid and not expired:

1. The packet arrives.

2. It is matched with the rules stored in the TCAM.

3. The packet is then forwarded to the output port.

4. The output port transmits the packet over the medium.


Figure 4: Network Packet with Known Forwarding Rule.

In this article, we reviewed the architecture and operations of a traditional data switch.  We showed how the three planes are implemented and how they interact.  A fundamental trade-off illustrated is performance over flexibility. This trade off and subsequent limitations lead to the advent of SDN.  In part three, we will discuss the implementation and operation of a software defined switch and we’ll introduce the concept of the SDN Controller.  Lastly, RFC 7426 will be introduced highlighting the various abstraction layers  created to simplify complex data networks.

The "Software Defined Networking Fundamentals" training course from The Linux Foundation is designed to provide system and network administrators and engineers with the skills necessary to maintain an SDN deployment in a virtual networking environment. Download the sample chapter today!

Click Here!