Software-Defined Networking (Part 2)


This is my second article on a technology that I think is going to have an incredible impact on industrial automation and revolutionize how we manage and secure industrial networks. Software-Defined Networking (SDN) is a technology that is currently being deployed by IT organizations around the globe. Today I want to tell you why I think it is also applicable to industrial networks where we use EtherNet/IP, Modbus TCP, PROFINET IO, and other industrial protocols.

In my last article, I talked about how, in an SDN network, the control plane of a switch is separated from the data plane and resides in a controller. If you’re familiar with managed switches, you’ll recognize the control plane – it’s where the decision-making happens in the switch. It’s where an experienced IT technician configures VLANs, whitelists traffic, sets up ports for port mirroring, enables IGMP and does all that other configuration. It’s also the part of the switch that responds to SNMP messages.

The data plane, on the other hand, has only one task – moving an incoming message from this port to some other port.

In an SDN network, an SDN switch doesn’t really have a control plane. It has an agent that communicates with the SDN controller to get the operating characteristics of the switch. A protocol, OpenFlow, handles the communication between the SDN controller and the SDN switch; I will be discussing it in a future article.

The controller, as you might imagine, has to be sophisticated. It must figure out all the operational details for all the switches in its zone and provide those details to each switch. An SDN controller is an application program in a software-defined networking (SDN) architecture that manages the switches to achieve improved network management and application performance. It typically runs on a server and uses a protocol like OpenFlow to tell switches where to send packets (data plane instructions).

While the controller is more sophisticated in a Software-Defined Networking system, the switches are much less sophisticated. They consist only of the data plane, a tiny control plane, and an agent.

This means that switches become much more of a commodity. An SDN switch from one manufacturer is just like an SDN switch from another manufacturer. Unlike the switches we use today on the factory floor, an SDN switch can be easily replaced by an SDN switch from another manufacturer.

And there are other significant benefits to SDN switches:

  • No switch configuration to back up
  • No switch configuration to load when you replace a failed switch – the controller will download the configuration automatically
  • No IT person needed to program or revise the switch configuration – you use the controller to do that
  • The switches are irrelevant to the operation of your machine or industrial network.

The last point is especially important. As a control engineer using an SDN network, you can forget about what is connected to which switch and simply plan for what device needs to talk to what other devices. The details of the network configuration go away!
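
To make the split concrete, here is an added Python example (not code from this article, and not the OpenFlow protocol itself) in which a controller compiles a device-to-device allowlist into per-switch forwarding tables, and each switch does nothing but look up a port. The topology, device names and function names are assumptions constructed for illustration; traffic with no matching entry is dropped.

```python
from collections import deque

# Constructed sample topology (assumption): switch -> {port: neighbour}.
TOPOLOGY = {
    "sw1": {1: "plc1", 2: "hmi1", 3: "sw2"},
    "sw2": {1: "sw1", 2: "drive1", 3: "historian"},
}
# The engineer's intent: device pairs allowed to talk, in both directions.
ALLOWED = [("plc1", "drive1"), ("hmi1", "plc1")]

def port_to(topology, switch, neighbour):
    """Port on `switch` that faces `neighbour` (a device or another switch)."""
    return next(p for p, n in topology[switch].items() if n == neighbour)

def edge_switch(topology, device):
    """Switch a device is plugged into."""
    return next(sw for sw, ports in topology.items() if device in ports.values())

def switch_path(topology, start, goal):
    """Shortest switch-to-switch path, found by breadth-first search."""
    prev, queue = {start: None}, deque([start])
    while queue:
        sw = queue.popleft()
        for nbr in topology[sw].values():
            if nbr in topology and nbr not in prev:
                prev[nbr] = sw
                queue.append(nbr)
    if goal not in prev:
        raise ValueError(f"no path from {start} to {goal}")
    path = [goal]
    while prev[path[-1]] is not None:
        path.append(prev[path[-1]])
    return path[::-1]

def compile_flows(topology, allowed):
    """Controller side: turn the allowlist into one flow table per switch."""
    tables = {sw: {} for sw in topology}
    for a, b in allowed:
        for src, dst in ((a, b), (b, a)):
            path = switch_path(topology, edge_switch(topology, src),
                               edge_switch(topology, dst))
            hops = path[1:] + [dst]  # what each switch on the path forwards to
            for sw, nxt in zip(path, hops):
                tables[sw][(src, dst)] = port_to(topology, sw, nxt)
    return tables

def forward(table, src, dst):
    """Switch side: pure lookup; no matching entry means drop (None)."""
    return table.get((src, dst))
```

Because the tables are derived only from the topology and the allowlist, a replacement for `sw2` receives the same entries by rerunning `compile_flows`, and a device that is not in the allowlist (here `historian`) gets no forwarding entry on any switch.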

In the coming weeks, I’ll have more to say about the benefits of SDN networking and how that controller works. To read part 1 of this blog series, click here.