SDNCan SDN network architecture replace TCP/IP architecture?1. SDN and NFV differ from traditional routing table selection rules, as they choose forwarding paths through OpenFlow flow tables. Does this mean that routing protocols like OSPF and EIGRP are no longer needed? Can we say that it has replaced the network layer?2. Overlay provides layer 2 flat forwarding to achieve user isolation and prevent loops. Can it replace traditional firewalls?3. Will operators using NFV networks incur lower costs than traditional networks?
No, because the three main aspects of SDN networks—Control, Management, and Data—are built on the TCP/IP architecture. If the underlying TCP/IP architecture is replaced by SDN, who will help the SDN network traffic take off and land?This is akin to asking whether virtual operators can replace physical operators; the answer is certainly no. If they could, virtual operators would not be called virtual but rather physical operators.Fast forward to the year 2023, where artificial intelligence has reached a new milestone with the birth of the ChatGPT chatbot. This is considered a milestone because its emergence will significantly enhance productivity. For capitalists, the cost of intelligent robots is certainly cheaper than hiring humans, and they are more efficient. For some professions, this may be bad news, such as software engineers, illustrators, translators, etc. For some Q&A forums, it may also be somewhat negative news, as the time to get answers through chatbots is much shorter than that of QA forums.Some foreign QA technical forums have statistics showing that since the popularity of ChatGPT, the registration of new users on technical forums has significantly declined. But has ChatGPT completely replaced QA technical forums?No, because ChatGPT cannot answer particularly complex technical questions posed by users. Readers who do not believe this can try asking ChatGPT a complex question and see if they receive a satisfactory answer.In fact, whether it is ChatGPT or SDN, the trend is consistent: an increasing amount of computational power (CPU) is replacing human labor. This is because human labor is more costly than computational power, and humans are prone to errors. In contrast, the probability of errors in computational power is much lower, and when handling repetitive monotonous tasks, it is not influenced by emotions, thus improving reliability.Is it possible for any network to completely avoid using IGPs like OSPF or ISIS, and only use BGP?Yes.Then why hasn’t BGP completely eliminated OSPF, ISIS, and static routing?Because BGP’s ability for multiple-path load balancing is very weak; in most cases, there is only one optimal path. OSPF/ISIS can support up to 8 equal-cost routes, and with a simple modification, it can even support 16 equal-cost routes. Can BGP do that?No.Readers may think in reverse: since OSPF/ISIS is so powerful, why does BGP still exist?That’s because BGP can accommodate routing table entries with virtually no upper limit, depending on the system’s memory resources. Can OSPF/ISIS do that?No.Therefore, in the world of computer networks, many technologies are complementary rather than substitutive.Just like the invention of SD-WAN, it does not necessarily mean that MPLS leased lines will be eliminated; they exist in a competitive relationship, but more importantly, a complementary relationship.Although MPLS VPN is a type of virtual private network technology, traffic traversing MPLS VPN is not encrypted. While major vendors have their own proprietary encryption technologies (GET VPN), they are very complex to configure and have zero interoperability.When SD-WAN treats MPLS leased lines as the underlying infrastructure, it can help encrypt them, and this encryption configuration does not require human involvement; it is completed automatically. Only after using it will one know how pleasant that is.Answer to Q1Any network architecture model has three main layers. As long as any of these three layers cannot do without TCP/IP, it cannot be replaced. Consider whether the SDN network is designed to serve IP packets; can it exist without TCP/IP?Clearly not. Just as you said, the SDN network automatically completes the establishment of flow tables and tunnels, but did you know that after all the layers of packaging, it still has to go through IP routing tables and network cards?Answer to Q2VLANs can also isolate traffic from different subnets, but the granularity of this isolation is too coarse; it can only be precise to the subnet. Users within the same subnet have different access needs; how can they be isolated? By using firewalls.Overlayis essentially a tunneling service encapsulated in the underlying IP/UDP, which can be point-to-point or point-to-multipoint. Although it can isolate different customers, it is still powerless for internal traffic isolation among customers, which still requires firewalls.Answer to Q3NFV configuration costs are low because the underlying complex configuration code has been highly modularized, allowing for quick configuration with just a few mouse clicks, greatly improving productivity and reducing the workload of configuration personnel.