Software-Defined Networking in a Wide Area Network (SD-WAN)

💡 Nature networks: veins in a plant leaf (Image source: Leaf texture in macro by
Vadim Gromov)

Abstract

“Computer communication and networking have been rapidly evolving over the past few decades. It is SD-WAN (an acronym for Software-Defined networking in a Wide Area Network) which can be recognized as one of the biggest Enterprise Networking Trends in 2021. Many of the challenges posed by a traditional WAN architecture have been effectively addressed by SD-WAN. Hence it is called as next-generation WAN. SDN is not entirely a new concept but it has become an important focus, especially as it relates to infrastructure and networking. It aims to use software to make IT, function smarter, faster at lower cost. In this article, I hope to briefly describe SD-WAN, its architecture, importance, applications, and challenges.”

The content:

1. Wide Area Network (WAN)

2. Software-Defined Networks (SDNs)

3. Software-Defined Networking in a WAN (SD-WAN)

• Architecture of WAN
• Architecture of SD-WAN
• Difference between SDN and SD-WAN
• Difference between WAN and SD-WAN
• Advantages and disadvantages of SD-WAN

4. Conclusion

1. Wide Area Network (WAN)

Computer networks can be classified into 03 basic types based on the geographical area it covers, like LAN, MAN, and WAN. LAN (Local Area Network) is a group of computers connected to each other in a small geographical area such as a house, office, school. (Ex: ethernet, Wi-Fi). MAN (Metropolitan Area Network) is the interconnection of local area networks (LANs) in a city into a single larger network. A WAN can cover an entire country, a continent, or even the whole world: it is a collection of LANs and MANs (Ex: Internet). Figure 2 illustrates a traditional WAN network.

Figure 1: Traditional WAN network and its components (Image Source: Illustration by Author)

Traditional WANs are made up of thousands of routers communicating with each other over long distances. Within each router, there is a data plane and a control plane. The data plane holds the information that is being sent or received: “data”. the control plane determines where that data should go. However, it is necessary to program the control plane with rules on how to handle network traffic on the data plane. This is typically done by entering a series of commands into each router’s command-line interface (CLI) by a network administrator. This can be a very manual, time-consuming, and error-prone process.

CLI can be very cumbersome. If a mistake was made in any of those commands it is a painstaking job for IT personnel to search for the error or troubleshoot. Hence traditional WANs are error-prone.

2. Software-Defined Networking (SDN)

Network engineers try to overcome the above-mentioned issues found in traditional networking systems, by developing tools and scripts to automate the process. It enables the programmatic and dynamic control of the network. Most of the traditional networking devices are black boxes that must be manually configured and cannot be modified by a third party. In contrast, SDN networks are made of simple network elements which include an agent interface where the data-plane functions can be loaded by a network controller.

Automation and flexibility are two of the major concepts behind SDN. Simply, it refers to separating the control plane ( the layer that defines and manages the network behavior) from the data plane (the layer that processes the data packets).

There are numerous benefits associated with such an approach.

1. Efficient load balancing.
2. Better traffic distribution.
3. Minimizing the mistakes (since one control plane has to be changed instead of configuring numerous devices).
4. No need for a network administrator to publish the changes (Automatic configuration of the devices).

3. Software-Defined Networking in a WAN (SD-WAN)

As discussed above, SD-WAN is applying SDN concepts when implementing WANs. Managing a WAN from a centralized location via the software is the simplest definition for SD-WAN. It basically de-Couples the control plane and data plane from the hardware. The Control plane is made into a “Software” (contrary to Hardware) and then managed from a centralized location.

The changes to the control plane can be grouped and simultaneously and easily managed across the entire WAN using business-defined rules from a central management portal. This added simplicity makes it easier to take advantage of broadband internet connections instead of relying solely on expensive private MPLS networks. It ultimately increases performance as well as lowers the cost.

Architecture of WAN

In classic WAN architecture, the branch offices (where more than 80% of the transactions are handled) are connected to a headquarters-based data center by a router over an expensive leased line connection (usually a private telecommunication circuit such as MPLS — Multiprotocol Label Switching). Since all the applications used are held in data centers this approach was sufficient for the transactions in the past era. The traffic was routed from source to destination based on TCP addresses, access control list tables s and complex routing protocols. All of the control functions are distributed across all the routers.

Figure 2: Classic WAN architecture in early days (Image Source: Illustration by Author)

When applications moving to the cloud, the traffic patterns start to change.

Ex:

• Enterprise applications — Amazon web services, Google cloud, etc.
• SaaS applications (Software-as-a-service) — SalesForce, WorkDay, Office 365, Facebook, YouTube, Dropbox

Here they are sending the cloud traffic that is destined for the internet back to the headquarters data center. These added delays degrade application performance and consume expensive leased line bandwidth.

Figure 3: Architecture of a modified WAN implementation with the introduction of Cloud technologies (Image Source: Illustration by Author)

Architecture of SD-WAN

SD-WAN architecture is a Software-defined model. Here, instead of routing traffic just based on addresses, an SD-WAN is an ‘Application-Aware’ that utilizes software to more intelligently route or steer traffic across the WAN based on the business requirement for an application. These include the priority of the application, the performance required, and the security policies that must be enforced. An SD-WAN comprises the right set of features to enable the ability to actively use the internet as a secure, reliable form of WAN transport. This allows the use of 4F/LTE in addition to broadband internet and expensive MPLS connections.

Figure 4: Architecture of a sample SD-WAN implementation (Image Source: Illustration by Author)

Difference between SDN & SD-WAN

Both SDN and SD-WAN are architecturally similar in many ways. Both of them utilize centralized management or orchestration which is called the control plane and a distributed data forwarding function called a data plane. And both SDN and SD-WAN are on application-driven traffic routing policies. Nonetheless, the following are few differences between the two approaches.

Advantages and disadvantages of SD-WAN

There are tons of advantages of SD-WAN: the obvious reason for it is becoming popular in 2021. Following are major advantages of SD-WAN over traditional approaches.

• Increased application performance and availability

An SD-WAN enables the use of multiple WAN transport services such as MPLS, broadband, and 4G/LTE. Even more advanced SD-WAN platforms enable the use of multiple modes of transport, even to carry traffic for a single session. (such as phone calls, video conferences, etc.). Adding bandwidth increases the performance of the app. Using multiple transport services for the same app improves the reliability because even if one transport fails, the remaining continues to carry the application session: the business keeps running uninterrupted.

• Enhanced agility and responsiveness

The 03 key capabilities of SD-WAnn are centralized orchestration, zero-touch provisioning, and secure use of internet services. Hence a new branch office can be brought online quickly without the need for specialized IT resources. In the same manner, adding a new application, or chain the security policy of the network also convenient and time-efficient.

• Simplified WAN Edge Architecture

The right SD-WAN can unify all the essential WAn edge network functions in a single platform (routing, Firewall, Visibility and Control, WAN optimization). Besides reducing the hardware footprint and power consumption at every branch, orchestrating all of these functions greatly simplifies WAN infrastructure management for It and provide more consistent security policy enforcement throughout the enterprise.

• Improve WAN security

The SD-WAN can provide end-to-end segmentation that can separate or isolate voice traffic and point of sale traffic from guest Wi-Fi. Cloud-hosted security services (Ex: Check Point, McAfee, zscaler, OPAQ) are more consistent than on-premises security solutions. Because security delivered in the cloud is easier to keep up to date with the latest threats and vulnerabilities. This is in contrast to the traditional WAN architecture where firewalls must be updated daily.

• Lower WAN cost

The ability to use lower-cost broadband to augmented or even replace MPLS and the ability to simplify WAN architecture and security can drive substantial cost saving over time.

4. Conclusion

An SD-WAN uses a centralized control function to securely and intelligently direct traffic across the WAN. SD-WAN is expanding and has already started replacing the classic WAN network. SD-WAN increases agility by simplifying network policy configuration & management. It provides higher performance by intelligently leveraging multiple paths including broadband connections. And it greatly lowers the IT operational cost in networking.