Traffic Steering

Network traffic steering in software-defined networks

Network traffic steering is the task of defining the different paths that application traffic can take to traverse the network. It is an inherent part of network traffic control, the process of managing, controlling, or reducing traffic across the network, and network administrators use it to address difficulties like congestion, latency, and packet loss within the network.

Background

Traditional networking uses fixed-function hardware for network traffic control (e.g., switches and routers). Each of these devices functions individually, and together they form the basis of the network. However, in an ever-expanding business scenario, a traditional network faces major setbacks in terms of lack of scalability and the need to implement modern security features.

Software-defined networking (SDN) is a networking paradigm that enables a newer approach to building network infrastructure. Its principal concept is the separation of a centralized control plane from a distributed forwarding plane, where the entire network and its devices are centrally controlled and managed through software applications using open APIs. SDNs make network virtualization possible and give a global overview of the entire network topology. This, combined with the capability of software-controlled applications or APIs, forms the basis of an integrated network management profile that assists in directing traffic or communicating with the underlying hardware.

In a conventional network, the physical location of the control plane hinders an administrator's capacity to manage and control the flow of traffic. Since an SDN uses virtualization to transform the control plane from a physical hardware entity into a software-based one, it allows the control plane to be accessed through connected devices and a centralized UI, giving network administrators greater control over directing the flow of traffic efficiently.

What is the need for network traffic steering?

Traditional networks use distributed routing mechanisms for traffic routing based on physical IP routers. A typical path selection involves a router that selects an output interface by attempting to find the shortest path between the source node and the destination node. There are numerous algorithms that use various network metrics to estimate or evaluate the cost of a path. The shortest path algorithm, used widely for implementation in routing protocols, uses static metrics like number of hops, or sum of weights. This approach of choosing the shortest path on the basis of simple, static metrics usually results in an inefficient use of network resources. Additionally, problems induced by static shortest path routing could potentially bottleneck the entire network. For context, in the event of a failure, the routers look for a new shortest path as a medium to move traffic; and when such a path is found, the total traffic from the broken path moves to the newly defined path. Such traffic routing leads to congestion of the newly set path, while the old existing paths between the source and destination are left under-utilized.

An SDN approach to building the network infrastructure involves the deployment of middleboxes that transform, inspect, filter, and manipulate traffic for various purposes, with a principal focus on improving performance, security, and visibility. These middleboxes span a wide range of functions with varying degrees of complexity, including load balancing, network address translation (NAT), protocol translation, WAN optimization, intrusion detection, firewall, application-level gateway, cache, proxy, and content delivery network (CDN). Simple routing of flows from source to destination on the basis of shortest path has been replaced by policy-aware paths that have to pass through these middleboxes. The SDN architecture of a separate control plane and forwarding plane enforces policy-based routing across these network devices with the use of network traffic steering. Traffic steering allows operators to maintain optimal resource utilization across the network by directing traffic as and where necessary.

[Note: This complex routing architecture is one of the main driving forces of a software-defined network.]

Network traffic steering policies

A traffic steering policy is a framework that defines traffic management behavior for a given network zone. These policies help configure rules that serve DNS requests, provide failover capabilities, load balance traffic across multiple resources, and provide simple yet flexible and powerful mechanisms to steer network traffic. There are five types of steering policies:

  • Load balancer: These policies allow distribution of traffic across multiple endpoints. Traffic can be split evenly across these endpoints or weights could be assigned for ratio-load balancing.
  • Failover: These policies provide endpoint failover management by configuring the movement of traffic between primary and secondary assets in case of a failure.
  • Geolocation steering: These policies are used to dynamically steer network traffic to different endpoints based on the geographical source of the query.
  • ASN steering: Using ASN steering policies, network traffic can be steered to a specific endpoint based on the originating ASN.
  • IP prefix steering: These policies enable network traffic steering on the basis of the IP address prefix of the originating query.

Network traffic steering scenarios

Traffic steering is implemented on multiple levels and across diverse functionalities. Some of the scenarios where it is used are listed below:

  1. Basic failover: Considering the wide landscape of hybrid networks in deployment today, there is always a risk of network failures and performance bottlenecks. With a wide array of devices and network infrastructure at their disposal, administrators need to keep an eye on the availability and performance of these devices. Policy-based traffic steering can be used to configure failover points for servers, firewalls, access points, and other middleboxes, to maintain optimal network health by ensuring that if the primary endpoints go down, there is always a secondary endpoint to take up the traffic.
  2. Load balancing: Pools of multiple servers can be configured using network traffic steering policies to automatically distribute network traffic across the set of servers. Additionally, server health can be determined using health checks, and if a server is found to be unhealthy, traffic can be automatically redirected to a healthy server. Load balancing steering policies serve to maintain an optimal overall network performance by helping in efficient resource management.
  3. Canary testing: Canary testing is the process of testing a new software version or feature with real-time users in a production environment. It involves releasing the new code to a small subset of users, who validate it separately so that the remaining real-time users are not affected.
     If the new application or version is deployed on a server different from the older one, the network traffic can be selectively routed to the new address to gather usage statistics, feedback on user experience and functionality, suggestions for product or feature improvement, and so on.
     If the new application is hosted on the same server, IP prefix steering can be used to configure routing policies that serve different responses to internal and external users.
  4. Zero-rating services: Conditional steering can be implemented to divert traffic based on the originating source, network medium, and communications provider in support of various policies that may be in place. In this context, ASN steering is used to direct particular ASNs to free resources while directing other ASNs to paid resources.

Implementation of traffic steering

Traffic steering can be implemented in a network using various platforms. One of the most common ways is the use of APIs or SDKs. The REST APIs used for the configuration of traffic steering policies depend on the type of configuration required. There are multiple pre-defined templates, each addressing a specific policy of traffic steering. Moreover, custom policies allow the creation and deployment of complex policies that combine the powerful capabilities of failover, load balancing, geo-location, ASN, and IP prefix steering.
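The combined custom policy described above can be sketched as a small evaluator. This is an added example, not code from NetFlow Analyzer or from any vendor's steering API: it applies IP prefix, ASN, and geolocation matching, then failover tiers and weighted load balancing, to the canary, zero-rating, and failover scenarios listed earlier. The names `Endpoint`, `Rule`, `steer`, and `POLICY`, the query fields, the addresses, and ASN 64500 are all constructed for illustration.

```python
import ipaddress
import random
from dataclasses import dataclass

@dataclass
class Endpoint:
    name: str
    weight: int = 1       # load balancer: relative share of traffic
    priority: int = 0     # failover: 0 = primary, higher = standby tier
    healthy: bool = True  # would be maintained by a health check

@dataclass
class Rule:
    pool: list
    prefix: str = None    # IP prefix steering
    asn: int = None       # ASN steering
    country: str = None   # geolocation steering

    def matches(self, q):
        if self.prefix and ipaddress.ip_address(q["ip"]) not in ipaddress.ip_network(self.prefix):
            return False
        if self.asn is not None and q.get("asn") != self.asn:
            return False
        return not self.country or q.get("country") == self.country

def steer(rules, query, rng=random):
    """Return the Endpoint that answers this query, or None if nothing is healthy."""
    by_len = lambda r: ipaddress.ip_network(r.prefix).prefixlen if r.prefix else -1
    for rule in sorted(rules, key=by_len, reverse=True):  # longest prefix first, then listed order
        healthy = [e for e in rule.pool if e.healthy]
        if not rule.matches(query) or not healthy:
            continue  # an all-down pool falls through to the next matching rule
        tier = min(e.priority for e in healthy)            # lowest healthy failover tier
        live = [e for e in healthy if e.priority == tier]
        return rng.choices(live, weights=[e.weight for e in live])[0]
    return None

# Constructed sample policy (documentation address ranges and a documentation ASN).
canary = Endpoint("canary")
eu_primary, eu_standby = Endpoint("eu-primary"), Endpoint("eu-standby", priority=1)
POLICY = [
    Rule([Endpoint("free-tier")], asn=64500),                 # zero-rating by ASN
    Rule([eu_primary, eu_standby], country="DE"),             # geolocation + failover
    Rule([canary], prefix="10.0.0.0/8"),                      # internal users see the canary
    Rule([Endpoint("prod-a", weight=3), Endpoint("prod-b")]), # default 3:1 load balancing
]

if __name__ == "__main__":
    print(steer(POLICY, {"ip": "10.1.2.3"}).name)  # internal source address
```

Matching on source prefix, ASN, or country only selects an endpoint; it does not authenticate the client, so a canary reached this way still needs its own access control.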

How does NetFlow Analyzer help you in traffic steering?

NetFlow Analyzer’s network traffic analysis, traffic anomaly detection, and traffic shaping elements help you keep an eye on your network traffic and provide insights on critical metrics like downtimes, bandwidth utilization, jitter, latency, and top conversations at every device, interface, application, and user across your network. Configuring your traffic steering policies is made easier with such information at hand. You can use the data gathered by NetFlow Analyzer to create, audit, and update your QoS policies to ensure optimum network bandwidth performance.
