As SDN networks densify and carry increasing amounts of traffic over increasing numbers of virtual networks, assuring best possible performance for all services requires a ubiquitous, real-time view of the network state.
Without that view, operators have lost visibility into—and therefore control over—their networks. Traditional network-monitoring techniques are too physical and expensive to keep up with the dynamics of virtualized environments. Result: when companies do network audits, they find elements they don’t have under management, they don’t know the state they are in, and they don’t discover assets they know they have! That’s crazy! How can an SDN controller be expected to make appropriate decisions if it doesn’t even know where all the resources are located?
Before we dive into what’s required for operators to regain full control of their networks, let’s take a step back and define what full visibility means in an SDN network environment.
What Is Full Visibility for SDN Networks?
A complete, end-to-end, full network view includes real-time visibility into:
- Every endpoint where traffic can be routed
- Every location where traffic is influenced or actively controlled
- Every transport and control layer (Ethernet, IP, Layer 4, etc.)
- Every service running through those layers, and QoE metrics for each
Collectively, these make up the “network state,” although that term—because of its traditional meaning—is something of a misnomer.
In data centers, the term “network state” refers to a primitive view of the network: just the bytes going through each port, with no performance metrics. It’s like counting cars as they pass a particular spot on the highway, without regard for how fast they’re going, where they are heading, the route they’re taking, or who’s inside.
Likewise, SDN network elements are “dumb” in this regard; they only provide port-level states. A higher level of instrumentation is needed for link-level performance monitoring and assurance.
Assuring SDN Networks: Challenges
In an SDN network, traffic changes paths based on the controller’s decisions; it’s very dynamic. In this environment, it’s hard to track individual services from the data plane. Only the SDN controller knows where all the resources are located and where traffic is going.
The SDN controller needs to choose the best paths through the network for each service, respecting service chaining, service priority, and specific performance requirements — e.g. low latency and packet loss for transactional applications; highly available, big bandwidth for media delivery; and so on.
The problem with the traditional network state is that it only provides per-link utilization — nothing more. Controllers bluntly route traffic over the path with the fewest hops, with adequate bandwidth, unaware that the highest-latency route may have been chosen, for example.
To realize dynamic, performance-optimized (DPO) SDN control, the network must be instrumented in a way to see the performance of individual services, as well as each physical link. Whether the instrumentation used is physical, virtual, or a hybrid, taking advantage of widely supported performance measurement standards like TWAMP or Y.1731 at every node and link is necessary to achieve consistent results. However, support for those standards may be spotty, or poorly implemented. What then?
SDN and NFV Collide to Assure Virtualized Networks
In such cases, additional instrumentation is needed to fill the gaps. Using small, FPGA-based smart SFP modules that insert into switches, routers, and base stations is one way to uplift the feature set of existing infrastructure and provide uniform test coverage. Performance assurance virtual network functions (VNFs) can then be used to enhance the capabilities of these programmable endpoints, bringing full test set functionality to these tiny devices, as well as existing network elements with sufficient standards support.
This NFV-based instrumentation (which operates at the data plane) can be orchestrated by a performance assurance controller—which can, in turn, feed the real-time, network performance state into the SDN controller. Because this setup abstracts performance-monitoring data from control planes, it essentially means using SDN concepts to test the SDN environment itself.
SDN and NFV are colliding because of the need to monitor the network, rather than the need to send data through the network. Since SDN is dynamic by nature, it’s no longer feasible to have dedicated test boxes anywhere; these prevent the controller from doing its job properly. Instead, centrally controlled, NFV-powered instrumentation brings the two worlds together.
Until this type of solution was worked out, network-monitoring methods—and ultimately network control—were on a crash course; they couldn’t keep up with the dynamic nature of modern networks, and forced the SDN controller to make important decisions without sufficient information. Operators can regain control of their networks, and bring performance to a new level, with a real-time, ubiquitous view into what’s happening. Virtualized instrumentation, which brings together SDN and NFV concepts to handle the control and data plane aspects of performance monitoring, is a solution that adapts and scales.
By applying SDN and NFV principles to make performance monitoring a network embedded function, the instrumentation layer provides direct feedback to path optimization, traffic conditioning, and policy enforcement—putting performance first as resource contention increases.