Route analytics vendor Packet Design is developing a prototype network access broker for wide area SDN. The broker would enable a controller to understand how the network changes it makes will affect existing services on the routed WAN.
"Everyone talks about the separation of the control plane from the data plane and having the higher-level intelligence to programmatically and automatically configure the network to meet application demands on the fly. But what intelligence is going to tell you whether or not you should make those changes?" asked Steve Harriman, senior vice president of marketing for Santa Clara, Calif.-based Packet Design.
The routed WAN has a much higher degree of constraint, lower bandwidth rates and more potential contention than switched enterprise networks, said Jim Frey, vice president of research for Enterprise Management Associates. "So there is a need to keep a closer watch on the balance between demand and capacity in the routed network and for making sure capacity is available when new paths of connectivity are requested. [It's also important to know] that whatever is out there is actually running efficiently and optimally so when new connectivity, links or paths are set up using an SDN approach, you have [more than] a reasonable guess that it's going to be successful."
Today, no mechanisms exist to let controllers understand how the changes they make to a routed WAN for a new workload will affect other workloads on the network, Harriman said. Packet Design's prototype network access broker will offer an SDN controller a combination of real-time route analytics and policy control, providing real-time visibility into routed network topology and flows.
"You can't do this on a static model that was taken two hours ago or even two minutes ago," Frey said. "We believe there is a need for a network access broker to determine what the impact of requested application services will be and to interact with the SDN controller to give a green light or a red light on whether those changes should be made."
Packet Design's network access broker will be based on the company's route analytics technology, which behaves like a passive router. It listens to the broadcasts other routers make about changes and events, and uses that data to construct and maintain a real-time topology map of the state of the WAN.
More on wide area SDN
Emerging SDN WAN optimization applications
Multilayer SDN: Extending programmability across packet and optical layers
How SDN WAN helps address cloud and BYOD demands
With features such as Quality of Service, network engineers have always been able to configure networks to deliver the most important traffic first, Frey said. But the ability to do this in a routed network becomes more complicated when engineers introduce more programmability and automation to the WAN.
"There are any number of tools out there designed to watch and assess the health of networks -- maybe not down the routing protocol level that Packet Design is doing. But in general, traditional network monitoring tools can [determine] what [the health and capacity is] of each portion of the network. The challenge is turning that into something that can be fed into a controller architecture [fast enough], " Frey said.
"The big challenge for a traditional network management platform that maps out and discovers topology, connectivity and capacity is keeping that current and being responsive when a request comes that needs to be validated. We have to find a way to make sure you don't oversubscribe [SDN WANs], and when you do oversubscribe, that you appropriately de-tune applications, workloads and pathways that are less critical," he said.
The details of how Packet Design's route analytics-based access broker would fit into an SDN stack remain vague for now. Packet Design could propose it as a service or software module that plugs directly into SDN controllers. It could also develop it as an application that connects to the controller through a northbound interface. Whatever the case may be, the market should see a version of it emerge in a few months.
"We are building a prototype that we should have completed by the end of the year or the beginning of next year that will be using, for example, OpenDaylight to demonstrate this policy-based analytical capability," Harriman said.