Friday, September 16, 2016

Where's the northbound API?

(For background, see https://www.sdxcentral.com/sdn/definitions/north-bound-interfaces-api/)

When speaking about SDN, a northbound API is something used to tell an SDN controller (versus an SDN controlled device) to do something. For example, you might use it to tell an SDN controller to prioritize a certain user's traffic over other traffic. It's up to the SDN controller to instruct devices in turn to do implement your request (generally with a southbound API, like OpenFlow).

FAUCET doesn't have a northbound API as such, because it doesn't need one. Instead, you can just change FAUCET's config file and HUP the FAUCET to have the change take effect. As an example, see https://faucet-sdn.blogspot.com/2016/07/8021x-authentication-on-faucet-nfv.html - we combine NFV (of authentication) with a triggered update of FAUCET's config file (to remove an ACL from a port once a user has been authenticated).

In summary. If you want to orchestrate a fleet of FAUCET based switches, change user VLANs on the fly, update ACLs, override forwarding with policy based forwarding (Eg, https://faucet-sdn.blogspot.com/2016/07/policy-based-forwarding-with-faucet.html), etc, then you would script generation of new FAUCET configs as appropriate and signal FAUCET to apply the change.


No comments:

Post a Comment

Note: Only a member of this blog may post a comment.