Data, Control and Management Planes

Uploaded by akashkp2144

Data, Control and Management Planes:

Data Plane: This plane handles the bulk of the packet traffic. It consists of
the ports that receive and transmit packets and is responsible for packet
buffering, scheduling, header modification, and forwarding. The data plane
operates autonomously, consulting only its forwarding table.

Control Plane: This plane keeps the forwarding table up to date. It runs the
control protocols that track the network's active topology. It is more complex
than the data plane and runs as software on general-purpose processors.

Management Plane: Network administrators use this plane to configure and
monitor the switch. It communicates with the data and control planes to read
or modify state as needed, typically through a network management system.
Basic Packet-Switching Terminology
• WAN (Wide Area Network): Covers large geographical areas, bigger than
a single metro area.
• LAN (Local Area Network): Covers a smaller geographical area, just a
few thousand square meters.
• MAN (Metropolitan Area Network): Bridges the gap between LANs and
WANs, spanning large portions of cities.
• WLAN (Wireless Local Area Network): A LAN where the transmission
medium is air; typical maximum distance is about fifty meters.
• Physical Layer: The lowest layer of the OSI model, dealing with the
hardware transmission technology for data bits.
• Data Link Layer: The second lowest OSI layer, managing data transfer
between devices on the same network segment, error detection, and flow
control.
• Network Segment: A single LAN like Ethernet or a point-to-point link in
a WAN. It is essentially a piece of the larger network.

• Error Detection & Flow Control: Mechanisms in the data link layer to
ensure data is transferred accurately and efficiently. Flow control
manages the rate of data transfer, while error detection identifies any
mistakes in the data.

• Logical Link Control (LLC): The upper sublayer of the data link layer;
LLC handles error-checking and flow control and lets multiple
network-layer protocols share the same medium.
• MAC (Media Access Control): The lower sublayer of the data link layer;
it controls access to the shared medium and provides addressing for data
that has multiple potential receivers, so that only the intended one
processes it.
• Network Layer: Moves data from sender to receiver across multiple
intermediate networks by chaining together the individual data-link-layer
hops.

• Layers:
o Layer 1 (Physical Layer): Deals with hardware transmission technology.
o Layer 2 (Data Link Layer, L2): Manages data transfer between devices on
the same network segment.
o Layer 3 (Network Layer, L3): Responsible for data transmission across
multiple networks.
• Port: A connection to a communication medium, including data link layer
and physical layer mechanisms. Used interchangeably with "interface,"
extending to virtual interfaces in virtual switches.
• Frame: Data unit transferred over a Layer 2 network.
• Packet: Data unit transferred over a Layer 3 network; often used to refer
to data units in general without layer distinction.
• MAC Address: A unique identifier for networking equipment on a Layer 2
network.
• IP Address: A unique identifier for hosts on a network using the Internet
Protocol for Layer 3 addressing.
o IPv4 Address: A 32-bit integer, commonly represented in dotted decimal
notation (e.g., 192.168.1.2).
o IPv6 Address: A 128-bit integer, providing a far larger address space
than IPv4.
• Switch: A device that forwards data between ports based on the specified
destination.
• Circuit Switch: Maintains contextual information for data forwarding for
the duration of a connection, which can span periods without data transfer.
• Packet Switch: Forwards data as individual packets that independently
travel through the network.
• Connection-Oriented Model: Intermediate switches hold per-connection
context needed to forward data. A circuit switch is an example of this.
• Connectionless Model: Each packet carries enough information to be
forwarded independently, without pre-established context.
• Router: A packet switch used to separate subnets. Hosts in a subnet share
a common network prefix. Routers are often called layer three switches
nowadays.
• Flooding/Broadcasting: Sending a copy of a packet out of every port except
the one it came in on. A switch floods frames whose destination it has not
yet learned, and it treats broadcast frames (destination
ff:ff:ff:ff:ff:ff) the same way.
• Line Rate: The bandwidth of the communication medium connected to a
switch port, measured in Mbps or Gbps.
• Wi-Fi: Wireless communications based on the IEEE 802.11 standard.

• Autonomous and Dynamic Forwarding Tables: Designed to cope with unstable
links and switch failures by updating forwarding tables dynamically
through protocols rather than by hand.
• Layer Two Control:
Forwarding Table: Indexed by destination MAC address, it tells the switch
which port to use for forwarding. Early switches learned MAC addresses
dynamically from the source address of arriving frames and populated the
forwarding table that way, but once switches were interconnected in
loops, predictable loop-free paths became necessary to stop frames
circulating forever. Dynamic protocols were developed to handle this,
learning MAC addresses and assigning ports dynamically.
• Layer Three Control:
Router's Task: Determines whether a packet should be forwarded normally or
requires exception processing. It uses the destination address to find
the next-hop router in its routing table, which is constructed through
routing protocols. These protocols let routers build and update their
forwarding tables automatically, adapting to network changes.
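The learning-switch behaviour described under Layer Two Control, as an added example (this is constructed illustration code, not code from these notes or from any switch vendor): the switch learns source MAC to port on every frame, unicasts to a learned destination, and floods unknown or broadcast destinations out of every port except the ingress port. The table capacity, the MAC addresses and the port numbers are all assumptions made for the demonstration.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str
    dst: str


@dataclass
class LearningSwitch:
    ports: int
    capacity: int = 4               # hypothetical table size, for illustration
    table: dict = field(default_factory=dict)   # dst MAC -> egress port

    def learn(self, mac, in_port):
        """Record the port a source MAC was last seen on (moves are allowed)."""
        if mac in self.table or len(self.table) < self.capacity:
            self.table[mac] = in_port
        # a full table silently refuses new sources

    def flood(self, in_port):
        """Every port except the one the frame arrived on."""
        return [p for p in range(1, self.ports + 1) if p != in_port]

    def forward(self, frame, in_port):
        """Return the list of egress ports for this frame."""
        self.learn(frame.src, in_port)
        if frame.dst == BROADCAST or frame.dst not in self.table:
            return self.flood(in_port)
        out = self.table[frame.dst]
        if out == in_port:
            return []               # destination is on the ingress segment: filter
        return [out]


def run_demo():
    """Constructed traffic: hosts A, B, C on ports 1, 2, 3 of a 4-port switch."""
    a, b, c = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"
    sw = LearningSwitch(ports=4, capacity=2)
    log = []
    log.append(sw.forward(Frame(a, b), 1))   # B unknown: flood to 2, 3, 4
    log.append(sw.forward(Frame(b, a), 2))   # A known: unicast to port 1
    log.append(sw.forward(Frame(a, b), 1))   # B now known: unicast to port 2
    log.append(sw.forward(Frame(c, a), 3))   # table full, C is not learned
    log.append(sw.forward(Frame(a, c), 1))   # C still unknown: flood again
    return sw, log


if __name__ == "__main__":
    switch, decisions = run_demo()
    print(switch.table)
    print(decisions)
```

The last two frames show the security-relevant edge: once the table is full, traffic to unlearned hosts is flooded to every port, so anyone who can fill the table with bogus source addresses sees traffic that unicast forwarding would have hidden from them. This is why real switches cap the number of MAC addresses learned per port.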

Modern Data Center:

The rise of the Internet and the World Wide Web has led to the evolution
of data centres into massive, highly secure facilities. These data centres
host many compute and storage servers, strategically located in disaster-
safe areas with redundant power systems to ensure continuous operation.

Server Organization: Servers have progressed from being individual units
to densely packed server blades arranged in racks. These racks are
organized hierarchically, with top-of-rack (ToR) switches providing
networking within and between racks.

Scale and Capacity: Modern data centres can house over 120,000
physical servers, which can host around 2.4 million virtual machines.
This requires advanced networking protocols and devices to efficiently
manage internal communications.

Environmental Cocoon: Unlike traditional, geographically dispersed
networks with unreliable links, these data centres have a stable network
topology and exceptionally reliable communication links, reducing the
relevance of traditional networking goals.

Modern data centres have transformed into highly efficient, large-scale
facilities optimized for hosting complex web services and managing
immense amounts of data with robust internal networking.
WHY SDN?
• Centralized Control and Flexibility: Traditional networking models
distribute control across devices, making them complex to manage. SDN
introduces a centralized control plane that oversees the entire network,
simplifying management and providing greater flexibility. This allows
network administrators to program and manage traffic more efficiently,
often via software, improving scalability and adaptability.

• Automation and Efficiency: SDN enhances automation by abstracting the
network control plane from the underlying hardware. This abstraction
allows high-level programming interfaces to manage network traffic
dynamically, enabling quicker responses to network demands. It also
reduces the need for manual intervention, increasing operational
efficiency.

• Cost Savings and Innovation: SDN can reduce capital and operational
expenditure (CAPEX and OPEX) by enabling the use of cheaper commodity
hardware rather than proprietary networking devices and by automating
operations. It also fosters innovation by providing a platform for
experimenting with new network services and protocols. SDN opens the
possibility of new business models and services driven by faster,
software-based innovation.

• Network Virtualization: The growing demand for network virtualization
in data centres has been a key driver for SDN. By abstracting the physical
hardware, SDN allows multiple virtual networks to coexist and be
managed independently. This separation of the control and forwarding
planes addresses the limitations of traditional networking in handling
large-scale virtualized environments.
What is the genesis of SDN?

• Disparate Control Plane Protocols: Traditional networks rely on many
distributed control plane protocols, which have led to a fragmented and
inefficient system. The result has been slower innovation in networking
compared to advancements in compute and storage technologies.

• Closed Networking Systems: Networking technology had become too
closed, with network equipment manufacturers (NEMs) tightly
controlling the ecosystem. This stifled innovation, as the existing
business models were highly profitable and did not encourage drastic
changes.

• Desire for Open-Source Development: Inspired by open-source models
such as Linux in computing, there was a growing desire for more open,
flexible systems that would allow faster innovation and experimentation.

• Growing Complexity in Networking: As networks became larger and
more complex, traditional systems struggled to scale. MAC forwarding
tables expanded, control plane protocols became increasingly intricate,
and the distributed nature of network intelligence made significant
updates difficult.

• The Role of Data Centres: The increasing demand for dynamic and
scalable networks, particularly in large data centres, underscored the need
for SDN. The static, manual configuration of traditional networks could
not meet the agility and automation demands of modern data centres.

➢ SDN Controller:
The SDN controller manages network policy, the underlying infrastructure,
and the interface to applications. The key points:
Controller's Role: The SDN controller has an overarching view of the
network and is responsible for managing and enforcing policies across
routing, load balancing, security, and device control. It directly interfaces
with SDN devices and provides a northbound API for applications.

Application Modules: Controllers often include pre-built application
modules, such as a learning switch, router, firewall, and load balancer,
even though these modules are technically SDN applications. They come
packaged with the controller to provide essential network functions out
of the box.
API Structure:
Southbound API: This API connects the controller with SDN devices.
OpenFlow, a mature and standardized protocol, is commonly used for this
purpose in Open SDN. Other proprietary APIs may also be used
depending on the SDN solution. Protocols like OpenFlow, OF-Config,
and OVSDB (the latter two used for configuration) illustrate the
southbound API's standardization.

Northbound API: This API connects the controller with applications.
Unlike the southbound API, the northbound API lacks a single
standardized protocol; it exists in many forms depending on the
controller. For instance, the Floodlight controller exposes Java and RESTful
APIs, while OpenDaylight also supports RESTful APIs.

Challenges and Opportunities: A standardized northbound API is lacking,
and although some efforts are underway to address this gap, it remains a
key area for future development and innovation among vendors and open-
source communities.
In short, the SDN controller is the central network policy manager,
interfacing both with the underlying network infrastructure (via the
southbound API) and with applications (via the northbound API). Because
it holds that position, those two channels are what must be protected:
whoever can reach them can reprogram the network.
➢ Fundamental Characteristics of SDN
The fundamental characteristics of Software-Defined Networking (SDN)
include several core principles that differentiate it from traditional network
architectures. Here is a closer look at these defining features:

1. Plane Separation
• Control and Data Plane Separation: SDN distinctly separates the
control plane (which makes decisions about traffic flow) from the data
plane (which forwards traffic). This separation enables centralized control
and simplifies network management, as the control functions are
offloaded to a centralized SDN controller while network devices focus
solely on data forwarding.
• Flexibility and Scalability: By decoupling these planes, SDN makes it
easier to implement new protocols, scale networks, and adjust to
changing network demands without requiring hardware changes.

2. A Simple Device and Centralized Control

• Simplified Network Devices: With the control plane centralized, SDN
devices (like switches and routers) are simplified. They no longer need to
make complex routing or forwarding decisions and instead rely on the
controller to direct their actions.
• Centralized Intelligence: The SDN controller acts as a centralized brain,
managing and programming the entire network based on global policies,
optimizing routing, and enabling consistent enforcement of policies
across all devices.
• Enhanced Troubleshooting: Centralized control makes it easier to detect
and resolve network issues, as all decisions and policies are visible and
controllable from one central point.

3. Network Automation and Virtualization

• Automation: SDN allows for programmable network automation,
making it easier to set up, manage, and adjust network configurations
based on real-time demands. Automated tasks like load balancing,
scaling, and failover become simpler to implement and maintain.
• Network Virtualization: By abstracting the physical network
infrastructure, SDN enables the creation of virtualized network overlays.
These overlays allow for isolated network environments, which is
especially useful for multi-tenant environments, data centres, and cloud
environments.
• On-Demand Resource Allocation: SDN facilitates rapid deployment of
virtualized resources, allowing network operators to allocate or reallocate
resources based on changing needs without hardware modification.

4. Openness
• Open Standards and Protocols: SDN promotes the use of open
standards, such as OpenFlow, for communication between the controller
and network devices. This openness encourages interoperability between
devices from different vendors and reduces vendor lock-in.
• Interoperability and Customizability: An open SDN architecture
allows organizations to use different hardware and software solutions that
can interoperate seamlessly, leading to cost savings and increased
flexibility in network design and management.
• Community-Driven Innovation: Openness also fosters an ecosystem
where developers and organizations contribute to SDN’s evolution,
enabling continuous improvement, innovation, and customization based
on user needs.
➢ SDN Devices
1. Switches:
a. SDN switches are the most common type of SDN device. A classic
switch operates at Layer 2 (Data Link Layer) of the OSI model and
forwards frames based on MAC addresses; an OpenFlow switch is more
general, matching on header fields from Layer 2 upwards (MAC
addresses, IP addresses, transport ports) as its flow table dictates.
b. These switches can be physical hardware switches or virtual
switches running in a hypervisor or cloud environment.
2. Routers:
a. SDN routers operate at Layer 3 (Network Layer) and manage the
forwarding of packets based on IP addresses.
b. Like switches, SDN routers can be physical devices or virtual
routers in a software-defined environment.
3. Access Points:
a. In wireless networks, SDN access points can manage wireless
traffic and integrate with the SDN architecture to dynamically
control user access, traffic routing, and quality of service (QoS).
4. Firewalls:
a. SDN-enabled firewalls can also be integrated into the SDN
framework, allowing for dynamic security policies and real-time
threat management based on centralized control decisions.
5. Load Balancers:
a. Load balancers in an SDN environment can dynamically distribute
network traffic across multiple servers or devices, optimizing
resource usage and enhancing performance.

Advantages of SDN Devices

• Centralized Management: SDN devices are managed through a
centralized controller, allowing for consistent policy enforcement and
easier management of network resources.
• Dynamic Configuration: The flow tables on SDN devices can be
dynamically updated by the controller in response to real-time network
conditions, enabling agile responses to changing traffic patterns.
• Enhanced Automation: SDN devices support automated network
provisioning and configuration, reducing manual intervention and errors.
• Vendor Agnosticism: The use of open standards allows for
interoperability between devices from different vendors, reducing
dependency on a single manufacturer and increasing flexibility in
network design.

OPENFLOW:

OpenFlow is a foundational protocol in the Software-Defined Networking
(SDN) paradigm that enables the separation of the control plane from the data
plane in network devices. It allows the SDN controller to communicate with
network devices (like switches and routers) to manage flow entries dynamically.
Here's an overview of the OpenFlow specification, its limitations, and
considerations for interoperability.

OpenFlow Specification

1. Overview:
a. OpenFlow was developed to standardize the communication
between the SDN controller and the data plane devices, enabling a
more programmable network environment.
b. The protocol specifies how to install, modify, and delete flow
entries in the flow tables of network devices.
2. Key Components:
a. Flow Entries: Each flow entry defines a set of matching fields
(such as source/destination IP addresses, MAC addresses, ports,
and protocols) and the associated actions (such as forwarding,
dropping, or modifying packets).
b. Flow Tables: Each OpenFlow-enabled device maintains one or
more flow tables, which store flow entries that dictate how packets
are processed.
c. Controller-Device Communication: OpenFlow defines messages
used for communication, including:
i. Packet In: Sent from the device to the controller when a
packet does not match any flow entry (a table miss), or when the
matching entry's action explicitly sends the packet to the
controller. From OpenFlow 1.3 onward the table-miss behaviour is
itself a lowest-priority, match-anything flow entry that the
controller installs; without it, unmatched packets are dropped.
ii. Flow Mod: Used by the controller to add, modify, or delete
flow entries in the flow table of a device.
iii. Packet Out: Sent from the controller to the device to have the
device transmit a packet that the controller supplies or that the
device buffered when it raised the Packet In.
3. Protocol Versions:
a. OpenFlow has undergone several revisions (e.g., OpenFlow 1.0,
1.3, 1.5), each adding capabilities such as more match fields,
multiple flow tables, and group tables.

Limitations of OpenFlow

1. Complexity in Management:
a. The centralized management of flow rules can become complex as
the network scales, potentially leading to challenges in maintaining
consistent and efficient flow configurations.
2. Limited Vendor Support:
a. While OpenFlow is widely supported, not all network devices from
all vendors fully implement the protocol, which can limit its
applicability in heterogeneous environments.
3. Performance Overheads:
a. The communication overhead between the controller and devices
can introduce latency, particularly when dealing with high-
throughput applications or environments with frequent flow
updates.
b. In some cases, relying on the controller for real-time decisions can
slow down packet processing compared to traditional distributed
systems.
4. Flow Table Size:
a. Flow tables have a finite size, which limits the number of
simultaneous flows that can be handled. If the flow table is full, the
switch rejects further Flow Mods (OpenFlow reports an
OFPFMFC_TABLE_FULL error) or, on versions that support eviction,
discards older entries. Traffic that deliberately generates many new
flows can therefore exhaust the table and force every new packet up to
the controller.
5. Security Concerns:
a. The centralized nature of OpenFlow concentrates risk. An attacker who
gains access to the controller can manipulate flow rules to disrupt,
redirect, or mirror traffic across the whole network, and an attacker
who can reach the controller channel can do the same if that channel
is not authenticated. The OpenFlow specification allows TLS on the
controller channel but does not require it, so in practice the channel
should run over TLS with certificates on both sides and be kept on a
separate management network.

Interoperability

1. Standardization:
a. OpenFlow provides a standardized approach for SDN devices to
communicate with controllers, promoting interoperability among
various vendors’ equipment and software. This standardization
helps mitigate vendor lock-in.
2. Vendor-Specific Extensions:
a. Many vendors implement proprietary extensions to OpenFlow,
which can create challenges in interoperability when different
vendors’ devices are integrated into the same network. This can
lead to compatibility issues.
3. Integration with Existing Infrastructure:
a. OpenFlow can be integrated with existing networking equipment,
but the level of support varies by vendor. Some legacy devices may
not support OpenFlow, limiting the ability to leverage SDN in
certain environments.
4. Interoperability Testing:
a. Testing frameworks and certification processes (like those provided
by the Open Networking Foundation) can help ensure that different
OpenFlow implementations work together effectively, promoting
interoperability across devices from multiple vendors.
5. Hybrid Approaches:
a. Many networks adopt hybrid architectures that combine OpenFlow
with traditional networking protocols (like MPLS, BGP, etc.),
allowing for a smoother transition to SDN while maintaining
compatibility with existing systems.

Routing Information Protocol (RIP) is one of the oldest distance-vector
routing protocols used to determine the best path for data packets across a
network. RIP was initially developed for small to medium-sized networks and
operates at the network layer (Layer 3) of the OSI model. Its metric is hop
count, with 15 as the largest usable value and 16 meaning "unreachable",
which is what confines it to small networks. Here's a detailed breakdown of
RIP, including its versions, working mechanism, limitations, and comparison
to other protocols.

1. Switch

• A switch is a network device that operates at the data link layer (Layer 2)
of the OSI model. It connects multiple devices within a local area
network (LAN) and forwards data based on MAC (Media Access
Control) addresses.
• Switches use packet switching to receive, process, and forward data to the
correct destination. They help improve network efficiency by ensuring
data is sent only to the device it's meant for.

2. Router

• A router operates at the network layer (Layer 3) of the OSI model. It
connects multiple networks (such as connecting a LAN to the internet)
and routes data between them.
• Routers make forwarding decisions based on IP addresses and can also
perform tasks like Network Address Translation (NAT) and traffic
filtering. They are essential for directing internet traffic and connecting
networks globally.

3. Hub

• A hub is a simpler network device than a switch, operating at the physical
layer (Layer 1). It connects multiple devices in a LAN but does not
manage traffic.
• Unlike switches, hubs repeat incoming data to all connected devices,
leading to potential network inefficiencies. Hubs have largely been
replaced by switches, which are more intelligent in managing traffic.

4. Controller

• In Software-Defined Networking (SDN), the controller acts as the "brain"
of the network. It is a centralized software application that manages and
configures network devices (like switches and routers).
• The controller communicates with network devices using the southbound
API (e.g., OpenFlow) and provides services to applications using the
northbound API (e.g., REST API). This centralized management allows
for programmable, flexible, and efficient control of network traffic,
making SDN networks more adaptable and easier to manage.

IPv4: Internet Protocol version 4

IPv4 uses a 32-bit address scheme, which provides approximately 4.3 billion
unique addresses. Due to the rapid growth of the internet and the number of
connected devices, the IPv4 address space is effectively exhausted.
Structure of IPv4 Address

• Format: Dotted decimal notation, represented as X.X.X.X, where each X
is a number between 0 and 255.
• Example: 192.168.1.1 or 203.0.113.10
• Classes: IPv4 addresses were originally divided into five classes (A, B,
C, D, and E), with Classes A, B, and C used for ordinary host addressing.
Classful addressing has since been replaced by CIDR, in which the prefix
length (e.g., /24) rather than the class determines the network part; the
class names survive mainly as terminology.

IPv6: Internet Protocol version 6

IPv6 was introduced to overcome the address exhaustion problem of IPv4. It
uses a 128-bit address scheme, providing a vastly larger address space,
approximately 340 undecillion (3.4 x 10^38) unique addresses.

Structure of IPv6 Address

• Format: IPv6 addresses are written as eight groups of four
hexadecimal digits separated by colons (:), known as colon-hexadecimal
notation. Leading zeros in a group may be dropped and one run of
all-zero groups may be compressed to "::".
• Example: 2001:0db8:85a3:0000:0000:8a2e:0370:7334 (compressed form:
2001:db8:85a3::8a2e:370:7334)

1. Bridging
• Definition: Bridging is a process of connecting two or more network
segments to act as a single network. It allows devices on different
segments to communicate as if they were on the same local area network
(LAN).
• How It Works: Bridges operate at the Data Link layer (Layer 2) of the
OSI model. They use MAC addresses to forward data between network
segments.

2. Routing Table
• Definition: A routing table is a data table stored in a router or networked
device that contains information on how to reach various network
destinations. It is used to determine the best path for forwarding packets
to their destination.

Ingress Filter
• Definition: Ingress filtering is the process of inspecting and controlling
incoming traffic on a network interface to prevent unwanted or malicious
traffic from entering the network.
• Purpose: The main goal of ingress filtering is to protect the network from
malicious or unauthorized access, such as:
o IP Spoofing: Checking that an incoming packet's source IP address
belongs to the address range expected on that interface (for example,
a packet arriving from the Internet must not carry an internal source
address). This is the anti-spoofing practice described in BCP 38.
o Traffic Filtering: Blocking traffic from certain IP addresses or
ranges, or traffic using specific protocols or ports that are not
allowed.

Egress Filter
• Definition: Egress filtering is the process of controlling and filtering
outgoing traffic from a network. It is used to ensure that data leaving the
network complies with policies and security requirements.
• Purpose: Egress filtering aims to prevent data leaks, enforce security
policies, and limit the potential for internal devices to connect to
unauthorized or malicious external networks (including command-and-
control traffic from a compromised host).
• How It Works: Egress filters inspect outbound packets to verify they
comply with the configured rules. This might include:
o Blocking Access to Certain Websites: Preventing access to non-
work-related or malicious websites.
o Data Exfiltration Prevention: Ensuring sensitive information is
not sent out of the network.
o IP Address Control: Ensuring packets leaving the network carry a
source IP address from the network's own prefixes, so that the site
cannot be used to originate spoofed traffic.
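The routing-table lookup from the Routing Table section and the source-address checks from the Ingress Filter and Egress Filter sections, tied together in one added example (constructed for these notes; not code from any router or firewall). A longest-prefix-match lookup picks the next hop for a destination; the same table then drives a strict reverse-path ingress check (a packet is accepted only if the route back to its source leaves through the interface it arrived on) and an egress check that only lets packets out whose source is one of the site's own prefixes. The prefixes, interface names and sample addresses are all assumptions.

```python
import ipaddress


class RoutingTable:
    def __init__(self):
        self.routes = []          # (network, next_hop, interface)

    def add(self, prefix, next_hop, interface):
        self.routes.append((ipaddress.ip_network(prefix), next_hop, interface))
        # longest prefix first, so the first match is the most specific one
        self.routes.sort(key=lambda r: r[0].prefixlen, reverse=True)

    def lookup(self, address):
        """Longest-prefix match; returns (next_hop, interface) or None."""
        addr = ipaddress.ip_address(address)
        for net, next_hop, iface in self.routes:
            if addr.version == net.version and addr in net:
                return next_hop, iface
        return None


def ingress_ok(table, src, in_iface):
    """Strict reverse-path check: the best route back to src must use in_iface."""
    route = table.lookup(src)
    return route is not None and route[1] == in_iface


def egress_ok(site_prefixes, src):
    """Outbound packets must carry one of our own source addresses."""
    addr = ipaddress.ip_address(src)
    return any(addr in ipaddress.ip_network(p) for p in site_prefixes)


def build_table():
    """Assumed site: two internal LANs, one WAN uplink, one IPv6 block."""
    t = RoutingTable()
    t.add("0.0.0.0/0", "203.0.113.1", "wan0")      # default route
    t.add("10.0.0.0/8", "10.0.0.1", "lan0")
    t.add("10.1.0.0/16", "10.1.0.1", "lan1")       # more specific than the /8
    t.add("2001:db8::/32", "2001:db8::1", "lan0")
    return t


SITE_PREFIXES = ["10.0.0.0/8", "2001:db8::/32"]


if __name__ == "__main__":
    t = build_table()
    print(t.lookup("10.1.2.3"))                        # ('10.1.0.1', 'lan1')
    print(ingress_ok(t, "10.1.5.5", "wan0"))           # False: internal source from the WAN
    print(egress_ok(SITE_PREFIXES, "192.0.2.9"))       # False: not our address
```

The strict reverse-path form used here assumes symmetric routing; on a multi-homed site where traffic can legitimately arrive on an interface other than the one the return route uses, the looser check "some route to the source exists" is the usual compromise.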
