Got Software Defined Networking?

So you probably have been hearing about Software Defined Networking for now quite a while but are wondering how it is exactly, how does it work and how you implement that in your organization. In a serie of posts here, I will give you some overview of the various components it takes to deploy SDN in the real world.

But first let’s start with the basics in this post!

Why doing SDN?

With the utilization of clouds, we seen datacenters becoming very much bigger and way denser so we had the address the following problems:

  • we reached the technical limits of IP networks for multi-tenancy (VLAN can host only 4 thousands different networks, Private VLAN not suitable for all situations)
  • networking processes being manual and error-prone: while compute virtualization allowed us to gain more flexibility and programmability, not much has evolved for a long time in the networking field, hence networking becoming a bottleneck for growth and innovation.
  •  vendor-specific extensibility: how to go beyond some hardware specific limitations and pricing?

While they embrace cloud models, companies adopt at the same time new paradigms for developing and hosting their applications:

  • From endpoints VM that are relatively long-lived, we host applications in containers that average lifetime is in minutes.
  • Micro-services architectures makes endpoint instantiated on-demand, so the slowness of network processes and procedures is no longer bearable and we must automate everything.

For many organizations it has become crazily complex to understand network flows, so we need to adopt a new paradigm for managing hybrid clouds. With SDN we want to achieve:

  • fully automated network operations: from a complex architecture to deploy, we want a high level of abstraction environment that will deploy transparently to networks the policies we define.
  • decreasing operational costs: because you better administer the network, you can better use the compute, densifying your virtualization platform and getting more ROI and savings on energy.
  • improving security and compliance: you program once your network and its rules, and it gets applied everywhere.
  • accelerating time to market: network is programmed, is integrated into companies development strategies and tooling for DevOps.
  • openness and easiness of integration: easy to deploy third parties components to enable new features and functions on the network.

Now you might think that SDN is only for cloud providers or huge organizations. Actually it’s not only the case. Take 10 hypervisors that you have in your current environment: can you describe precisely the networking operations that occurs on them? Can you tell for sure if a VM moves from one host to the other if its going to survive? How do you manage integration with other networks: non-virtualized or in cloud services?

Nuage Networks Solution Overview

Nuage Networks has been doing SDN for more than 5 years with field-proven cases and big deployments for mission-critical workloads with a suite of solutions. Here’s what we have for you:

Virtualized Services Platform

VSP Is a suite of solutions that solves today’s IT datacenter and hybrid-cloud challenges:


  • VCS: for the datacenter needs, network virtualization, distributed routing and switching, micro-segmentation, enterprise distributed firewall and many more.
  • VSS: allows you to define filtering services and micro-segmentation. (It’s a brand new product to be released soon.)
  • VSAP: extends SDN with an additional level of control and management: it enables administrators to understand all the routing topology, correlates the IP layers, routing layers and the virtualization layers to offer you quicker problem resolution and preventive guidance.
  • VNS: is our solution for SD-WAN. It allows you extend the SDN to branch offices and cloud services easily.

In this specific post, I will start introducing the datacenter solution building blocks:

Virtualized Cloud Services

logovsp VCS is the foundation for an open and dynamically controlled datacenter network fabric. It allows you to program your datacenter, and leverage SDN features:

  • deploy and configure networking as you do for compute (and storage).
  • automate the network.
  • simplify the network and network policy definition.
  • connect any datacenter elements extending layer-2 domains including both virtualized and non-virtualized environments.
  • growing cloud-scale: supporting thousands of tenants with highly redundant infrastructure.


logovsd Virtualized Services Directory contains all intelligence and logic for your network and SDN environment. VSD is where you define your networks, their traffic templates and policies, filtering and micro-segmentation and network analytics.
Configuration can be achieved on a HTM5-based GUI, via CLI, or directly via REST API if you want to program your SDN environments (if you do DevOps for instance and want to automate operations).This is how VSD UI looks like for the logical networks definition: you can see a layer-3 domain with the different networks defined on it and the different VM and interfaces participating into this. You can then define all common networks operations via this interface: vsdui


logovsc Virtualized Services Controller: this is the SDN engine. It get instructions from the VSD configuration and translates that into language that network devices will understand. Those devices can be hypervisors, routers, switches or network gateways.

Into the SDN World we commonly refer this guys to have two interfaces:

  • Northbound interface: takes instruction from the logical management place, it usually takes the form of REST API calls.
  • Southbound interface: sends instruction to devices that are responsible to enforce the network rules, it usually takes the form of OpenFlow messages.

VSC is based on the very robust and field-proven SR-OS (Service Router OS from Nokia, this is the router that equips a quite significant part of the core internet routers).


logovrs Virtualized Routing & Switching is a component that serves as virtual endpoints for network services. It monitors the compute-related events and notifies the SDN controller that will send the appropriate rules (as defined in the cloud management solution and in VSD). It is installed on the hypervisors in your environment, we now support: VMware, KVM, Docker and more to be announced (very) soon!


7850vsg Virtualized Services Gateway enables non-SDN enabled devices to be integrated into the SDN model. You just plug your grand-pa server to the regular RJ45 port, and it will belong to SDN world, applying policies and network settings as you defined them. It’s a pretty nice piece of hardware operating L2/L4 with performance up to 1 Terabit/s capacity in a single rack unit.

We also have a virtual appliance of this component called VRS-G for VRS-Gateway, that allows you include baremetal assets into SDN world.

Putting it together

So for a logical view of a basic SDN solution in an organization, it would look something like that:


  • Management Plane: VSD allows you to define the network configuration, you can also use various cloud management solutions of the market: OpenStack, VMware, CloudStack and more.
  • Control Plane: SDN controller work is done by VSC. For high availability of this role, you can deploy multiples VSC, they will exchange route information with other controllers and it will also allow you to scale-out linearly for the biggest environments. You can also very easily integrate it with your edge routing devices (from your service providers), as they talk BGP too.
  • Data Plane: You deploy VRS on the hypervisors in your environment, non-virtualized workloads can be connected to gateways (VRS-G, VSG, or third parties hardware).


Now that we have the basics, we will further study in later post how the components talk together to make a complete and comprehensive enterprise SDN solution. In the meantime, you can review:

You can also reach out to me directly if you need help with SDN!


One thought on “Got Software Defined Networking?

Leave a Reply

Your email address will not be published. Required fields are marked *