Software-Defined Networking (SDN): OpenFlow, Controllers and Network Programmability
Software-Defined Networking (SDN) separates the control plane from the data plane, so network behavior can be programmed from a centralized controller instead of being configured device by device. OpenFlow is the standard protocol for communication between the controller and switches, controllers are the brain of an SDN network, and network programmability makes it possible to automate and orchestrate the network through APIs.
In traditional networking, every device makes its own forwarding decisions (distributed control plane), which makes configuration complex, provides no global view, and makes changes slow (CLI, one device at a time). SDN addresses this: a centralized controller has a global view → programs every device at once → network-wide policies in minutes instead of days.
SDN Architecture
| Layer | Role | Components |
|---|---|---|
| Application Layer | Business applications that use network services | Network apps, orchestrators, analytics |
| Northbound API | Interface between applications and the controller | REST API, gRPC, Python SDK |
| Control Layer | SDN controller: the brain of the network | OpenDaylight, ONOS, Floodlight, Cisco ACI APIC |
| Southbound API | Interface between the controller and network devices | OpenFlow, NETCONF, gNMI, OVSDB |
| Infrastructure Layer | Physical/virtual switches that forward traffic | OpenFlow switches, OVS, hardware switches |
OpenFlow
| Feature | Details |
|---|---|
| What it is | Protocol the controller uses to tell a switch how to forward packets |
| Flow Table | Each switch holds a flow table: match fields → actions (forward, drop, modify, send to controller) |
| Match Fields | Source/Dest MAC, IP, Port, VLAN, MPLS, etc. (Layer 1-4) |
| Actions | Forward to port, drop, modify header, send to controller, push/pop tags |
| Reactive Mode | Unknown packet → send to controller → controller decides → install flow |
| Proactive Mode | Controller pre-installs flows → switch forwards without asking |
| Versions | OF 1.0 (basic), OF 1.3 (widely deployed), OF 1.5 (latest) |
| Port | TCP 6653 (IANA assigned), TCP 6633 (legacy) |
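The flow-table lookup and the reactive and proactive modes described above, as an added example that is not part of the original article. It is a toy model, not a real switch or controller API: `Flow`, `Switch`, `controller`, `TOPOLOGY` and the sample packets are hypothetical names and constructed data. It counts how many packets reach the controller in each mode and shows a higher-priority drop entry overriding a learned forwarding flow.

```python
from dataclasses import dataclass

@dataclass
class Flow:
    priority: int
    match: dict   # e.g. {"ip_dst": "10.0.0.2"}; {} matches every packet
    action: str   # "output:<port>", "drop" or "controller"

class Switch:
    def __init__(self, controller=None):
        self.flows, self.controller, self.packet_ins = [], controller, 0

    def install(self, priority, match, action):
        self.flows.append(Flow(priority, match, action))
        self.flows.sort(key=lambda f: -f.priority)  # highest priority wins

    def process(self, pkt):
        for flow in self.flows:
            if all(pkt.get(k) == v for k, v in flow.match.items()):
                if flow.action != "controller":
                    return flow.action
                break  # matched the send-to-controller entry
        else:
            return "drop"  # no entry matched: OF 1.3 drops by default
        # Reactive mode: controller decides, then installs a flow for next time.
        self.packet_ins += 1
        action = self.controller(pkt)
        self.install(10, {"ip_dst": pkt["ip_dst"]}, action)
        return action

TOPOLOGY = {"10.0.0.1": 1, "10.0.0.2": 2}  # constructed global view: IP -> port

def controller(pkt):
    port = TOPOLOGY.get(pkt["ip_dst"])
    return f"output:{port}" if port else "drop"

def demo():
    pkts = [{"ip_src": "10.0.0.1", "ip_dst": "10.0.0.2"}] * 3  # constructed traffic
    reactive = Switch(controller)
    reactive.install(0, {}, "controller")  # table-miss entry
    proactive = Switch()
    for ip, port in TOPOLOGY.items():      # flows pre-installed, no controller needed
        proactive.install(10, {"ip_dst": ip}, f"output:{port}")
    r = [reactive.process(p) for p in pkts]
    pr = [proactive.process(p) for p in pkts]
    reactive.install(100, {"ip_src": "10.0.0.1"}, "drop")  # high-priority drop
    return r, reactive.packet_ins, pr, proactive.packet_ins, reactive.process(pkts[0])

if __name__ == "__main__":
    print(demo())
```

In the reactive switch only the first packet of the flow is sent to the controller; the installed entry handles the rest, while the proactive switch never contacts the controller at all.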
SDN Controllers
| Controller | Type | Strengths |
|---|---|---|
| OpenDaylight (ODL) | Open Source (Java) | Linux Foundation, modular (MD-SAL), enterprise features |
| ONOS | Open Source (Java) | ONF, carrier-grade, distributed clustering, intent framework |
| Floodlight | Open Source (Java) | Simple, lightweight, good for learning/lab |
| Ryu | Open Source (Python) | Python-based, easy to extend, good for research |
| Cisco ACI (APIC) | Commercial | Intent-based, policy-driven, Nexus 9000 integration |
| VMware NSX | Commercial | Network virtualization, microsegmentation, multi-cloud |
| Juniper Contrail | Commercial/Open | Multi-cloud SDN, Kubernetes integration |
SDN vs Traditional Networking
| Feature | Traditional | SDN |
|---|---|---|
| Control Plane | Distributed (each device) | Centralized (controller) |
| Configuration | CLI per device | API/GUI from controller |
| Network View | Per-device (no global view) | Global topology view |
| Change Speed | Slow (device by device) | Fast (network-wide policy) |
| Vendor Lock-in | High (proprietary OS per vendor) | Lower (OpenFlow standard) |
| Automation | Script per device (limited) | Full API-driven automation |
| Flexibility | Limited by vendor features | Programmable (custom forwarding) |
Open vSwitch (OVS)
| Feature | Details |
|---|---|
| What it is | Production-quality virtual switch (open source) |
| Protocols | OpenFlow, OVSDB, sFlow, NetFlow, SPAN, LACP, 802.1Q |
| Use Case | VM networking (KVM, Xen), container networking, SDN data plane |
| Performance | DPDK support for high-performance forwarding |
| Integration | OpenStack Neutron, Kubernetes (OVN), VMware |
Network Programmability
| Approach | How | Tools |
|---|---|---|
| Controller APIs | Use the SDN controller's REST API for network operations | Python + requests library |
| Device APIs | NETCONF/RESTCONF/gNMI directly to network devices | ncclient, NAPALM, gNMIc |
| Automation Frameworks | Ansible, Terraform for network provisioning | Ansible network modules |
| Custom Applications | Write SDN applications on the controller (Northbound API) | The controller's Java/Python SDK |
| P4 Programming | Program data plane behavior (custom packet processing) | P4 language, Tofino switches |
SDN Use Cases
| Use Case | Benefit |
|---|---|
| Data Center Fabric | Automated provisioning, microsegmentation, multi-tenancy |
| WAN Optimization (SD-WAN) | Dynamic path selection, application-aware routing |
| Campus Network | Policy-based access, segmentation, automation |
| Service Provider | Network slicing, service chaining, NFV orchestration |
| Security | Dynamic ACLs, quarantine, traffic steering to security appliances |
| Research/Lab | Experiment with new protocols without hardware changes |
Closing thoughts: SDN = Centralize Control, Program the Network
- SDN Architecture: Application Layer → Controller → Infrastructure Layer (3 layers)
- OpenFlow: southbound protocol (controller → switch flow table programming)
- Controllers: ODL, ONOS (open source), Cisco ACI, VMware NSX (commercial)
- OVS: virtual switch (OpenFlow data plane for VMs/containers)
- Programmability: REST APIs, NETCONF, Ansible, P4 (data plane programming)
- Benefit: global view, fast changes, API-driven, vendor-neutral (OpenFlow)