Taming your WAN: Applying SDN to the WAN

The network should respond to the needs of users and applications, but for a long time the network has not been very good at meeting our needs, forcing users and applications to adapt to the limitations of the network. In the enterprise, IT departments have been struggling to keep the security capabilities of the network in line with the development of devices and applications, while in the WAN, bandwidth costs and limitations force users to accept lower network performance than LAN.

All of this has changed with the rise of cloud computing, which provides users with the immediacy and responsiveness of the Internet on any device. To achieve this goal, cloud applications running in data centers require the data center network to adapt and meet the huge demands of cloud computing for flexibility, scalability, and agility.

[[219367]]

Software Defined Networking (SDN) was born in the data center as a response to cloud computing running on software-defined virtual servers. Cloud computing is a new architecture that can meet user needs at any time. In order to match these changes, data center networks must be equally flexible, agile and scalable.

It has to be automatic. Cloud computing is able to create virtual machines in a fraction of the time as users demand resources. The network must respond quickly to match, configuring its own resources to handle the required routing to meet the connection needs. To ensure that this can all run without human intervention, the cloud and the network must be able to use the same technology.

Where IT can see users, applications, requirements, etc., the network team can see the status of virtual LANs (VLANs), subnets, switches and routers. Where IT can see policies, rights and compliance issues, the network team can maintain visibility into access controls, firewall rules, service levels and SLAs. The challenge of SDN is to use software to automate and abstract the network.

The result is dramatic, bringing a whole new network model. SDN controllers are tied directly to the policies of workloads on server software, which instantiate the required network connections and policies. Compliance issues disappear and are easily verified because they are all incorporated into the policy. Moreover, the network structure or underlying network is greatly simplified because the connection policy is implemented in software. This allows the network to scale more closely to the performance needs of cloud computing. The abstraction provided by the SDN layer separates the network structure from the application policy and enables them to scale more independently.

With cloud computing built into the 5G network standard, the rise of the Internet of Things, and the popularity of automation, the cloud is moving beyond the data center and gradually spreading to the edge of the wide area network. Network functions that previously ran on dedicated hardware and applications are now distributed across data centers and edge clouds.

We need to automate connectivity and policies for these new workloads both inside the data center and over the WAN. However, the WAN is an untamed beast. Since edge cloud workloads need to be tied to the underlying transport network, we cannot simply extend data center SDN to the WAN.

WAN is a collection of established and complex global network infrastructure. The layers of optical fiber, gateways, routers and switches, as well as operating systems and business systems, make the reliability of WAN as high as 99.999%, and it is an even greater goal to enable flexible cloud-era IT applications to interact responsively and constructively with WAN.

Fortunately, WAN operators have begun to accept some of the principles of SDN and virtualization because they can build networks more efficiently. However, there is still a long way to go to achieve fully automated, software-defined, policy-driven networks. Similar to data center SDN, WAN SDN software uses cloud to abstract complex network devices and topologies, automate device configuration, and optimize network resources.

There have been many attempts to use SDN and WAN SDN-capable routers or switches as switches or gateways, but they have taken a lot of effort to integrate and ended up being vendor-specific solutions. They also tend to provide limited end-to-end visibility of network services and rely on protocols such as RSVP that are not designed for fine-grained control of network resources.

What the industry needs is an open and scalable way to abstract the multi-vendor WAN, provide fine-grained control over end-to-end network services, and connect seamlessly to the data center without complex gateways.

There has been a lot of innovation filling some of the gaps in routing and open object models, and there is no shortage of continued investment. We have automated the data center LAN using the native language of the application workload, and now the WAN is even more programmable.