A Software Defined Network Controller And A Method Of Controlling An

A Software Defined Network Controller And A Method Of Controlling An Sdn Network

Abstract: A computer implemented method for controlling a software defined network (SDN). The method comprising providing a plurality of client portals which are configured for facilitating end users selecting resourses via local user interfaces. Providing a master control module in communication with the client portals and configured for managing flow control on the SDN network. Generating by the master control module a plurality of discrete control agents each associated with a particular end user and configured based on the resources selected by the particular end user. Dispatching the discrete control agents to the local devices of the respective end users for controlling thereof.

Patent Information

Application #

Filing Date

25 December 2015

Publication Number

26/2017

Publication Type

INA

Invention Field

COMMUNICATION

Status

Email

Parent Application

Applicants

Sanctum Networks Limited

KN Group, GHQ, Cloverhill Industrial Estate, Clondalkin, Dublin 22, Ireland

Inventors

1. Nazneen Shaikh

555, 9th cross, JP Nagar 3rd Phase, Bangalore 560078, India

2. Murali Krishnan

402, 1st B Main, Srivari heritage, Vinayaknagar, Bangalore 560017, India

3. Girish Gulawani

B11302, L&T South city, Arakere, Bangalore 560078, India

Specification

Claims:
We claim:
1. A computer implemented method for controlling a software defined network(SDN); the method comprising:
providing a plurality of client portals which are configured for facilitating end users selecting resourses via local user interfaces;
providing a master control module in communication with the client portals and configured for managing flow control on the SDN network;
generating by the master control module a plurality of discrete control agents each associated with a particular end user and configured based on the resources selected by the particular end user; and
dispatching the discrete control agents to the local devices of the respective end users for controlling thereof.

2. A method claim 1, wherein the control agents are loaded tofirmware containedon the local devices.

3. A method of claim 1, wherein the control agents are activated on a reset or a reboot of the local devices.

4. A method of claim 1, wherein the control agents are centrally controlled by the master control module.

5. A method of claim 1, wherein the control agents are binary deployable.

6. A method of claim 1, wherein a record for each end user is maintained by the master control module.

7. A method of claim 1, wherein the end users are authenticated prior to the dispatcing of the control agents.

8. A method of claim 1 wherein the master control agent generates a configuration file for each resource selected by the end user.

9. A method of claim 8, wherein the configuration file is incorporated into the control agent.

10. A method of claim 9, wherein an instance of each resource in created on the cloud.

11. A method of claim 10, wherein the requested resource is accessible via the end user portal.

12. A method of claim 9, wherein a network-function virtualisation (NFV) instance is configued.

13. A method of claim 1, further comprising dispatching the discrete control agents to an in-home network for the gathering of transport protocol related information to ensure accurate delivery of the services in accordance with the control criteria selected by the end user.

14. A method of claim 1, further comprising dispatching a unified control plane across multiple access technologies thereby enabling operators to singularly deploy and control services in a unified fashion.

15. A method of claim 15, wherein the access technologies includes at least one of DOCSIS, FTTx, xDSL, and Wi-Fi.

16. A method of claim 1, wherein localised control is enabled for services specifically in relation to the services that the end user has selected.

17. A method of claim 1, whereinprogramable control of end devices isenabled locally and specifically for the individual device in relation to customer service requirements.

18. A network controller for a software defined network (SDN), the network controller comprising:
a plurality of client portals configured for facilitating end users selecting network resoursesvia local user interfaces;
a master control module in communication with the client portals and configured for managing flow control on the SDN network; the master control module being operable togenerate a plurality of discrete control agents each associated with a particular end user and configured based on the network resources selected by theparticular end user; and
a communication module configured for dispatching the discrete control agents to one or more local devices of the respective end user for controlling thereof.

19. A computer implemented method for controlling an SDN network; the method comprising:
providing a plurality of client portals which are configured for facilitating end users selecting network resourses of the SDN network via local user interfaces;
providing a mastercontrol module in communication with the client portals and configured for managing flow control on the SDN network;
generating a plurality of discrete control agents each associated with a particular end user and configured based on the network resources selected by the particular end user; and
dispatching the discrete control agents to one or more local devices of the respective end user for locally controlling thereof.

20. A computer implemented method for controlling a software defined network (SDN); the method comprising:
providing a plurality of client portals which are configured for facilitating end users selecting resourses via local user interfaces;
providing a master control module in communication with the client portals and configured for managing flow control on the SDN network;
generating by the master control module a plurality of discrete control agents each associated with a particular end user and configured based on the resources selected by the particular end user; and
dispatching the discrete control agents to the local devices of the respective end users for controlling thereof.

21. A computer implemented method for controlling access in a software defined network (SDN); the method comprising:
providing a master control module configured for managing flow control on the SDN network;
generating by the master control module a plurality of discrete access control agents each associated with particular nodes of the SDN network node for controlling access thereto; and
dispatching the discrete access control agents to devices associated with the respective nodes for dynamically programming the devices with access control criteria.

22. A computer implemented method for controlling an in-home network in commmunciaiton with a software defined network (SDN); the method comprising:
providing a client portal for facilitating an end user interfacing with the in-home network for selecting local control criteria;
providing a master control module associated with the SDN network which in communication with the in-home network and configured for managing flow control;
generating by the master control module a plurality of discrete control agents each associated with a particular end user and configured based on the control criteria selected by the end user on the client portal; and
dispatching the discrete control agents to the in-home network for controlling the devices of the in-home network in accordance with the control criteria selected by the end user.

23. A computer implemented method for controlling a DOCSIS compatible network; the method comprising:
providing a master control module on a cable modem termination system (CMTS) which is configured for controlling DOCSIS cable modems;
generating by the master control module a plurality of discrete control agents each associated with a particular DOCSIS cable modem; and
dispatching the discrete control agents to the DOCSIS cable modems for dynamically programming the DOCSIS cable modem with a boot-file from the CMTS without having to read a kernel daemon.

Dated this on 25th day of December 2015.
, Description:

FORM 2
THE PATENTS ACT 1970
(39 of 1970)
&
The Patents Rules, 2003
COMPLETE SPECIFICATION
(See section 10 and rule 13)

1. A software defined network controller and a method of controlling an SDN
network

2.

1. (A) Sanctum Networks Limited
(B) Ireland
(C) KN Group, GHQ, Cloverhill Industrial Estate, Clondalkin, Dublin 22, Ireland

The following specification particularly describes the invention and the manner in which it is to be performed.

FIELD OF THE INVENTION
The present disclosure relates tosoftware defined networks (SDN) and a method of controlling thereof. In particular, the disclosure relates to an SDN controller and related architecture.

BACKGROUND
Networks become increasily more complicated as they expand in size and much more difficult to manage and control. In a traditional network considerable IT resources are required to implement process such as configuration and provisioning. Traditionally these tasks were manually implemented by a network administrator. The SDN approach automated these processesvia software.

An SDN controller is an application that manages flow control to enable intelligent networking. SDN controllers are based on protocols, such as OpenFlow, that allow servers to tell switches where to send packets. In a conventional network, each switch has proprietary software that tells it what to do. In the OpenFlow model, the packet-routing decisions are centralized.

In a conventional switch, the data path and the control path are provided on the same device. In an OpenFlow compatible switch the data path is separate from the control path. The data path is resident on the switch itself while a separate SDN controller provides the control path which makes the routing decisions. The OpenFlow protocol provides a means for the switch and controller to communicate.

Flow control is the control of data flow between nodes or devices in a network so that the data may be communicated efficiently. If too much data arrives at a device before it is able to handle the data volume it causes data overflow which may mean that data is lost or has to be retransmitted.

An SDN controller comprises a repository of control and policy instructions for the network.The SDN controller has an end-to-end view of the entire network, and information of all network paths and device capabilities. As a consequence, the SDN controller may calculate paths based on both source and destination addresses; use different network paths for different traffic types; and react the condition of the network changes. While the centralised control approach allows a network to be managed more efficiently that the conventional approach delays can occur in view of huge volume of routing decisions that need to be centrally processed. Futhermore, the centralised control approach fails to address the granularity of setting specific policies for end users as to how their their devices should be controlled.The centralised control approach fails to take account ofhow to scale the centrally operated SDN Controller which controls very large numbers of distributed users with granular preferences and very large numbers of end devices in and how it should dictate to the end user how data should be routed and how network services should be applied. These limitations are undesireable.

The consumer of today is placing ever-increasing demands on the Service Provider. Both, directly with the call for “always connected” with increasing bandwidth speeds, real-time services with quality but also indirectly with the consumption of an ever widening choice of Over the Top, cloud services and device applications e.g. Netflix, Amazon, Messaging, Skype etc. This is further compounded by the growth for on-line video and numbers of connected devices, only set to increase further with the “Internet of Things”.

This explosion is set against a rising tide of security threats, identify and financial fraud and targeted hacking is driving customers to manage and control their connected environment in the simplest but most secure and safest manner possible.

This level of demand from the consumer is having tremendous impact on the Service Provider’s traditional business models, with an increasing cost to serve allied to a greater threat of customer churn.

Singularly focusing on maximising operational efficiencies, driving down operational expense will not suffice by itself and innovation, agility and speed are paramount in addressing the new paradigm. In general, blighted by legacy operational systems, tools and processes Service Providers have to now tackle legacy, siloed, proprietary physical networks but also the overlay of cloud based virtual services.

In parallel to operational transformation, is the shift in how network infrastructure solutions are built and developed, where the continual churn and migration of hardware to sustain innovation, with it’s associated exponential CAPEX/OPEX is not viable. The richness of the Service Provider’s portfolio and ability to address new markets should no longer be constrained by the functionality/features of the underlying static network architecture.

If only addressing the above factors was the key to success. However the need to understand the customer more readily than a flashing red icon on Operators screen is paramount. Developing that wider and deeper understanding of the customer will unlock the ability to demonstrate greater customer centricity, personalisation and with it the ability to further monetize the existing customer base.

With change, comes challenge and none more so than the ability to provide a seamless service in the transition from wired to wireless, providing a consistent high quality of experience to the device. The ability to proactively better control and manage this environment would unburden the Service Provider from a volume of customer queries, complaints and churn.

There is therefore a need for a method of controlling a software defined network (SDN), and an SDN controller which addresses at least some of the drawbacks of the prior art.

SUMMARY
In one aspect there is provided a computer implemented method for controlling a software defined network (SDN); the method comprising:
providing a plurality of client portals which are configured for facilitating end users selecting resourses via local user interfaces;
providing a master control module in communication with the client portals and configured for managing flow control on the SDN network;
generating by the master control module a plurality of discrete control agents each associated with a particular end user and configured based on the resources selected by the particular end user; and
dispatching the discrete control agents to the local devices of the respective end users for controlling thereof.

In another aspect, the control agents are loaded to firmware contained on the local devices.

In a further aspect, the control agents are activated on a reset or a reboot of the local devices.

In one aspect the control agents are centrally controlled by the master control module.

In another aspect, the control agents are binary deployable.

In a further aspect, a record for each end user is maintained by the master control module.

In another aspect, the end users are authenticated prior to the dispatching of the control agents.

In one aspect, the master control agent generates a configuration file for each resourcewhich forms part of the servicesselected by the end user.

In another aspect, the configuration file is incorporated into the control agent.

In another aspect localised control is enabled for services specifically in relation to the services that the customer has selected

In another aspect the end device is not dumbed down but instead programable control is enabled locally and specifically enabled for the individual customer

In another aspect detailed low level analytics are gathered directly from the device and are transitted over to the orchestration solution to support customer managementand control.

In one aspect discrete control agents are dispatched to an in-home network for the gathering of transport protocol related information to ensure accurate delivery of the services in accordance with the control criteria selected by the end user.

In another aspect, a unified control plane is dispatched across multiple access technologies e.g. DOCSIS, FTTx, xDSL, Wi-Fi etc. but not limited to the technologies which are provided by way of example only, thereby enabling operators to singularly deploy and control services in a unified fashion.

In a further aspect, granular control of the end device is provided so that unlike vCPE it is not dumbed down but instead programable control is enabled locally and specifically for the individual device in relation to customer service requirements.

In one aspect, an instance of each resource in created on the cloud.

In a further aspect, the requested resource is accessible via the client portal.

In another aspect, a network-function virtualisation (NFV) instance is configued.

The present disclosure also relates to a network controller for a software defined network (SDN), the network controller comprising:
a plurality of client portals configured for facilitating end users selecting network resources via local user interfaces;
a master control module in communication with the client portals and configured for managing flow control on the SDN network; the master control module being operable to generate a plurality of discrete control agents each associated with a particular end user and configured based on the network resources selected by the particular end user; and
a communication module configured for dispatching or control of embeddeddiscrete control agents to one or more local devices of the respective end user for controlling thereof.

Additionally, the present disclosure relates to acomputer implemented method for controlling an SDN network; the method comprising:
providing a plurality of client portals which are configured for facilitating end users selecting network resourses of the SDN network via local user interfaces;
providing a master control module in communication with the client portals and configured for managing flow control on the SDN network;
generating a plurality of discrete control agents each associated with a particular end user and configured based on the network resources selected by the particular end user; and
dispatching the discrete control agents to one or more local devices of the respective end user for locally controlling thereof.

Furthermore, the present disclosure relates to a computer-readable medium comprising non-transitory instructions which, when executed, cause a processor to carry a methodfor controlling an SDN network; the method comprising:
providing a plurality of client portals which are configured for facilitating end users selecting network resourses of the SDN network via local user interfaces;
providing a master control module in communication with the client portals and configured for managing flow control on the SDN network;
generating a plurality of discrete control agents each associated with a particular end user and configured based on the network resources selected by the particular end user; and
dispatching the discrete control agents to one or more local devices of the respective end user for locally controlling thereof.

The present disclosure also relates to a computer implemented method for controlling a software defined network (SDN); the method comprising:
providing a plurality of client portals which are configured for facilitating end users selecting resourses via local user interfaces;
providing a master control module in communication with the client portals and configured for managing flow control on the SDN network;
generating by the master control module a plurality of discrete control agents each associated with a particular end user and configured based on the resources selected by the particular end user; and
dispatching the discrete control agents to the local devices of the respective end users for controlling thereof.

Additionally, the disclosure relates to a computer implemented method for controlling access in a software defined network (SDN); the method comprising:
providing a master control module configured for managing flow control on the SDN network;
generating by the master control module a plurality of discrete access control agents each associated with particular nodes of the SDN network node for controlling access thereto; and
dispatching the discrete access control agents to devices associated with the respective nodes for dynamically programming the devices with access control criteria.

The present disclosure also relates to a computer implemented method for controlling an in-home network in commmunciation with a software defined network (SDN); the method comprising:
providing a client portal for facilitating an end user interfacing with the in-home network for selecting local control criteria;
providing a master control module associated with the SDN network which in communication with the in-home network and configured for managing flow control;
generating by the master control module a plurality of discrete control agents each associated with a particular end user and configured based on the control criteria selected by the end user on the client portal; and
dispatching the discrete control agents to the in-home network for controlling the devices of the in-home network in accordance with the control criteria selected by the end user.

In one aspect, discrete control agents are dispatched to the in-home network for the gathering of transport protocol related information to ensure accurate delivery of the services in accordance with the control criteria selected by the end user.

The present disclosure also relates to a computer implemented method for controlling a DOCSIS compatible network; the method comprising:
providing a master control module on a cable modem termination system (CMTS) which is configured for controlling DOCSIS cable modems;
generating by the master control module a plurality of discrete control agents each associated with a particular DOCSIS cable modem; and
dispatching the discrete control agents to the DOCSIS cable modems for dynamically programming the DOCSIS cable modem with a boot-file from the CMTS without having to read a kernel daemon.

The foregoing and other features and advantages of preferred embodiments of the present disclosure are more readily apparent from the following detailed description. The detailed description proceeds with reference to the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

The present disclosure will now be described with reference to the accompanying drawings in which:

Fig.1is a block diagram illustrating an exemplaryarchitecture in accordance with the present teaching.

Fig.2is a block diagram illustrating details of the architecture of Figure 1.

Fig.3 is a graphical user interface for the architecture of Figure 1.

Fig. 4 is block diagram representation of a detail of the architecture of Figure 1.

Fig. 5 is a graphical representation of an SDN network in accordance with the present teaching.

DETAILED DESCRIPTION
Embodiments of the present disclosure will now be described with reference to an exemplary SDN architecture. It will be understood that the exemplary architecture is provided to assist in an understanding of the present teaching and is not to be construed as limiting in any fashion. Furthermore, modules or elements that are described with reference to any one Figure may be interchanged with those of other Figures or other equivalent elements without departing from the spirit of the present teaching.

For the service provider to address their challenges and meet the demands of the customer they must look to leverage and embrace recent technology innovations and standardisations. The drive to migrate away from proprietary vendor hardware solutions to a more dynamic software centric architecture overlaid on more generic hardware is now achievable. This architetcural approach focuses on the delivery and support of the customer experience with the aim of driving the business model of the network operater and generating custimer satsfaction.

Technologies that were largely developed for the cloud are now applicable to the network domain, converging Cloud and Network together as an overarching programmable platform for the delivery of real-time virtual services.This is made possible through the adoption of such technologies as:-

• Software Defined Networking (SDN) with OpenFlow - Networks do two things: they set up connections based on a set of criteria to identify the shortest, quickest or most secure path (the control plane) and then they move data across those connections (the data plane). The fundamental premise of SDN is to separate the decision-making happening in the control plane from the execution of those decisions in the data plane. OpenFlow allows direct access to configure and manage the forwarding plane of switches from different vendors, often each with their own proprietary interfaces and scripting languages to be managed remotely using a single Open Source.

• Network Function Virtualisation (NFV) - to decouple network functions from dedicated hardware devices and allow network services that are now being carried out by routers, firewalls, load balancers and other dedicated hardware devices to be hosted on virtual machines (VMs). Once the network functions are under the control of a hypervisor, the services that once require proprietary dedicated hardware can be performed on standard commercial off the shelf (COTS) hardware.

• OpenStack - is a set of Open Source software tools for building and managing cloud computing platforms for public and private clouds. OpenStack enables the deployment of virtual machines and other instances, which handle different tasks for dynamically managing a cloud environment.

• Big Data - Big data analytics is the process of examining large data sets containing a variety of data types to uncover hidden patterns, unknown correlations, market trends, customer preferences and other useful business information. The analytical findings can lead to more effective marketing, new revenue opportunities, better customer service, improved operational efficiency, competitive advantages over rival organizations and other business benefits.

• Open sourcesoftware - software that can be freely used, changed, and shared (in modified or unmodified form) by anyone. Open source software is developed by many individuals and communities, and distributed under licenses that comply with the Open Source Definition. Software can be then compiled from many sources to provide greater functionality without the need for individual development.

• DevOps – an emerging trend of Development and Operations converging on the same agile processes to build and deliver solutions in collaborative fashion as opposed to, in isolation of each other. By consequence solutions are delivered faster and with more quality.

The recent introduction and momentum behind such emerging technologies and processes provides the service provider with the opportunity to refresh and revitalise the IT stack, transform Operations and unleash the ability to monetize new innovative services, historically out of reach.

This transformation will not be easy; it will mean significant change to many existing operating and business models, while at the same time driving greater collaboration between many historically disparate departments. As the network and cloud evolves into the foundation of a dynamic eco-system, delivering high value, real-time and quality services to customers.

The solution in accordance with the present teaching enables Service Providers to realise these benefits, without need for massive churn of existing infrastructure, systems and resources.

The present solution has been developed to embrace and integrate the latest technology and open standards to provide a comprehensive suite of applications, which form an overarching SDN architecture. The goal of the present solution is to break the traditional operating models that have constrained the Service Provider’s business for many years. Through adistributed multi-tenant, extensible and light weight controlarchitecture, the opportunity to focus on service quality, delivery and new revenue opportunities rather than the managing of a multitude of proprietary, restrictive and expensive solutions from both network device vendors and OSS solutions providers are realised.

Utilising SDN and OpenFlow, the present solution is able to centrally manage all elements of the network from the cloud to the device, quickly visualising the network, ready for orchestration and control.

An exemplary architecture 10 in accordance with the present teaching is illustrated in Figure 1. The fundamentals of the architecture 10 provide a centralised but highly resilient control layer 12, facilitated through a federation of distributed co-controllers, forming a virtualised single point of SDN control.

Each federated individual controller in turn automatically dispatches a lightweight SDN controlling agent to each of the network devices in the infrastructure layer 16, providing complete visibility of the network.

At the Application layer 18, the architecture 10 integrates the orchestration of the Openstack cloud, to manage the delivery and configuration of cloud based virtual network services, applications and functions. Also residing in the Application layer 18 are series of tools and systems, cloud portals(Operations 22 and Visibility 20) which enable the Service Provider and their customers to operate, optimize and self-serve.

The overall architecture 10 integrates to the three layers of the SDN model providing a comprehensive suite of capabilities as graphically illustrated in figure 2.

Visibility - Customer Cloud Portal
In a world where everyone and everything is rapidly become more connected than ever, it is critical that customers are able to control and manage these growing diverse communities in a safe and secure manner.

The Customer Cloud Portal 20 is the hub of information and self-service for the customer. It provides fast access to a broad range of reports and tools, which enable the customer to select and understand their services and more critically, how these are being used.
Through an intuitive menu, the Customer Cloud Portal 20 enables the customer to access a wide portfolio of applications, services and upgrades, which can in real-time, be purchased, delivered and usable within minutes. For reporting, the customer is able to personalise individual portal access and information shown, detailing for example; usage, time of day, browsing activity and much more. The customer, now armed with this data has an informed choice as to what they then allow, prohibit and restrict.

The mapping function enables the customer to have visibility of all the connected devices in their home, through a simple topology with click down statics on each user. The portal 20 also provides real time notifications and recommendations which maybe of interest, based upon the customer profile and service usage. Extending the reach of the portal, these notifications can also be simply linked to mobile devices for off-line access to alerts.

Leveraging the present architecture 10, the Portal 20 is able to render real-time data on the network usage, performance and services selection, utilising the comprehensive flow of information and control between the Orchestrator, Cloud and Agent. With a suite of Opensource tools, APIs and languages the Portal 20 is able integrate and interact with the intelligence of an OpenFlow SDN Orchestrator to enable on-demand, real time self service provisioning from cloud to device.

Operations - The Operations Portal
The ever-increasing demand from customers for service quality, high availability, choice and customer care is placing the Network Operations Centre (NOC), with it’s associated tools, process and resources under overwhelming pressure. With services migrating from supply to demand, there has never been such a focus on operational excellence. The days of operations being completely removed from the customer experience are gone. Migrating such tools into the Call Centre to be at the forefront of CustomerTechnology is evolving at pace, SDN challenges the norms of network integrated data/control plane, with Cloud and NFV abstracting the physical topologies. Meantime, Operations is expected as a minimum to keep up but stay ahead of the curve.

The Operations portal 22 has been designed to provide the best of the old world while embracing the new, providing a suite of tools and reports which allow insight and intervention from the physical through to the application layer. Couple this with the ability to apply applications to detect and react dynamically to network events thus tackling issues real-time, far faster than has been possible with legacy tools and process.
Operations through various levels of access from Supervisor to user a selection of windows, which provide the full FCAPS (the recognized standard model and framework) suite of network management tools and reporting. It also allows the application of simple automated rules to proactively re-configure the network and virtual services, minimizing outages and service failures predicated on certain conditions being collated back from the network/devices.

The simplistic and intuitive nature of Operations 22 allows this to be deployed closer to the customer, in Service Provider customer call centers, giving greater visibility, potential resolution and sales capability to the call center agents than ever previously experienced.

An exemplary interface 24 of the architecture 10 is graphically illustrated in figure 3.

Dashboard26 provides a high level overview of network heath, utilisation, trends etc. with the ability to click down through the virtual and network hierarchy to view, assess and diagnose network and component issues.

Inventory28provides a complete asset list sorted by choice of network and virtual components providing information on type of equipment, vendor, addressing, utilisation etc.

Network Data30 provides a mapped physical network topology visualised to provide an overview across the complete network cloud to device. Applications for performance and trend analysis to determine congestion, predict errors and re-route traffic through constant monitoring and identifying abnormal behavior.

User Management32 provides capability to set both customer and operational level of access and security, from full access to limited read only. Both customer automated and manual provisioning set-up with comprehensive reporting, threshold management, service enablement, profile review and notifications.

Remote Management 34 providesa suite ofremote diagnostic tools to trouble shoot and isolate faults across the physical and virtual networks.

Topology36provides visualisation of the virtual services and how these are mapped from VM to the customer, alignment with the physical network to understand how the virtual services are routed and delivered.

Reports38provides a suite of customisable analytics gathered through the Jupiter Orchestrator and Agents able to provide a wealth of information at the cloud, network, device and user level. Providing both graphical and tabular real time and historic data, able to be abstracted into business analysis tools offering greater insight topics such as, capacity planning, potential customer upgrade paths, new services and security risks.

Alarms40provides the traditional Network Management System screen for identifying faults but leveraging the benefits of SDN is able to provide deeper network and device insight into traffic patterns and sources of issue.

Customer Services 42provideslook-up of trouble tickets by customer, analysis of most commonly identified issues.

Utilising SDN NetConf and OpenFlow data models Operations 22 is published, through a series of APIs, a wealth of information gathered from the Orchestrator 44 and remote Agents 46. These data models are fully extensible and able to gather data analytics at the very edges of network at device level, unlike many other systems, which use probes and in-line tools to gather aggregated network data.

Similarly, Operations 22 is able to translate operator and customer self-service requests, pushing control and policy to the cloud and network for provisioning, services and fault resolution/avoidance, automating processes which would historically taken weeks to minutes. Unlike previous tools and system, the present solution is able to prescribe, dynamically respond and adapt to network behavioural patterns and events eliminating the need for reactive operational support.

Architecture 10 provides tools and feature-rich API’s to encourage, the develop, build and integration of third party SDN and NFV applications in order to define policies, rules and optimisation for the network. Through a Software Development Kit, architecture 10 opens itself to the integration with billing and operational solutions, value creation from well established and known applications e.g. SalesForce, SAP etc. as well as new innovative developments which push the envelope of what software can define in the network and cloud.

An exemplary SDN controller 100 in accordance with the present teaching is illustrated in figure 4. For example, the SDN controller 100 may reside in the control layer 12 of Figure 1. The controller 100 comprises a master control module 105 in communication with the customer cloud portals 20 and configured for managing flow control on the SDN network. The master control module 105 is operable to generate a plurality of discrete control agents 46 each associated with a particular end user and configured based on the network resources selected by the particular end user. The master control module 105 is configured for dispatching the discrete control agents 46 to one or more local devices of the respective end user for controlling thereof.

The architecture of the controller 100 in the exemplary embodiment has two planes of operation. The master control module 105 is provided on a management plane 115 and handles administrative tasks like authentication, logging, and configuration. The control agents 110 are provided on a control plane 118 and administer the internal device operations, providing the instructions used by the engines to direct the packets; it also runs the routing and switching protocols and feeds operational data back to the management plane 115.The data plane 120 is the engine room that moves packets through the device, using the flow routing table supplied by the control plane 118 to determine the output port.

The controller 100 operates as an out-of-band controller that fetches and dynamically programmes the configuration of the onsite CPE and appliances based upon the services the customer has purchased. Flows are controlled from the appliance or CPE and a bespoke topological forwarding map is created for the customer environment to enable accurate forwarding decisions. Appliances and CPE are enabled with this light weight out of band SDN controller that is integrated with a remote orchestration solution to receipt instructions sets and to automatically deliver service flow control, analytics gathering and to trigger customer requested changes to the customer services in real time.

The controller 100 may be distributed as a lightweight controller on a range of low power, low CPU CPE’s and provision services at a highly reduced latency to enable high quality, value add SLA delivery while significantly improving an organization’s ability to quickly adapt to changing customer/network demands.It provides complete end-to-end visualization of all NFV and SDN services that is both hierarchical and multi-layer. This visualization also includes integrated alarming, availability, performance, service quality, and SLA conformance information making it a single view for comprehensive assessment of service health. This brings a dynamic and accurate view and reachability of network and associated services, a consolidated view of the health of each service and resource management and the ability to quickly troubleshoot and identify impacted services.

Numerous collection drivers provide visibility into the physical and logical infrastructure. Periodic and continuous collection mechanisms are possible with a standards based approach supporting Simple Network Management Protocol (SNMP), NetConf, NetFlow, BGP-LS and command line interface (CLI). The controller 100 performs global or tactical Interior Gateway Protocol (IGP) metric modification for non-MPLS networks or Label Switched Path (LSP) optimization to run networks at higher levels of sustained utilization and resiliency.

A deployer configures and modifies LSPs and/or IGP metrics using a set of flexible programming options including PCEP, configlets, NETCONF/YANG, OpenFlow and Interface to the Routing System (I2RS), thus offering comprehensive control of the network. Jupiter acts on all the 7 layers of SDN namely- Service exchange layer, vServices layer, control layer, transit layer, distribution layer, access layer and receptor layer making it deployable from the CPE(CE) to Provider edge.

Network Operators currently run connectivity to customers across a variety of access technologies such as RAN, WIFI, DOCSIS, FTTx, xDSL, Metro Ethernet etc. When operating these millions of devices which span these multitude of technologies the operators are forced into to use a multitude of control mechanisms to try to deliver basic services to customers.

In addition new services are limited because of the lack of a dynamic method of updating a service. This is majorly due to the absence of any unified management protocol. In present implementation we utiliseOpenFlow and combine it with NetConf to achieve a super management platform for the control and data elements that make up the provisioning management and control of the appliances and CPE and through this permit the integration to the customer of cloud based services within a closed and orchestrated environment.The present teaching is designed to create a unified control plane across multiple access technologies therefore allowing operators to singularly deploy and operate services across multiple access technologies e.g. DOCSIS, FTTx, xDSL, Wi-Fi etc.

The Flow Manager maintains and keeps track of Forwarding states in a masterdatabase. The forwarding states indicate the flow table that is currently running on everyswitch currently under control.

A perswitchforwarding master table will be primed at regular intervals (ex. 6 seconds / 3
HELLO intervals). This enables the controller to maintain a topological view and states ofthe controller and switching network.A protocol (like STP) will be deployed for this purpose.

The flow manager performs addition, modification and deletion flow operations on every switchunder it’s control. This communication will be carried out on a secure channel (e.g. SSL) betweencontroller and the switch. These operations will be in compliance with OpenFlow 1.0specifications.

An unmodified OpenFlowcompliant switch locally maintains Forwarding states, forwardingtable. Also allows flow management through addition,modification and deletion operations.It is considered as a Physical Switch, if it is a standalone device dedicated for Data Planeactivities.

The switch will be recognised by the controller over an IP address assigned dynamically
(DHCP) by the controller. As part of the lease the controller’s IP address (1 or 2) will also beassigned. The secure keys and such credentials for SSL/TLS will be exchanged as PKImechanism (TBD).

These processes manage routing / forwarding table, Routing protocols and provide user accessto this information. Routing engine has following main modules.

The architecture maintains perswitchthis Forwarding Database (FDB). This works much like a traditionalL2/MACLearningSwitch. The FDB is maintained and periodically updated with entries.

The FDB is assumed to be aging at 5s interval, therefore all aged entries must be deleted
appropriately.The FDB gets updated on every Switch that becomes ready.The FDB also gets updated on every Packet_In message. This is called as a Learn phase. Inthis phase a forwarding entry record is made, if there exists no matching entry.At the end of Learn phase, if the key combination ($(DMAC, DPID)) is found, the packet isdirectly forwarded to Pot# as recorded in the FDB. Otherwise initiate an OFPP_FLOOD action.

In an exemplary embodiment, a methoduses the SDN controller 100 to eliminate boot file management of Docsis cable modems and automating service orchestration. The SDN controller 100 is configured for provisioning and orchestration of the IP stack and distributed networking of in-home services in docsis modems. The controller 100 works as an out-of-band controller that fetches and dynamically programmes the boot-file from CMTS to cable modem without having the need to read as a kernel daemon thereby reducing the processing requirements of the CM as well as elimination of operators need to maintain multiple boot files.

Currently millions of cable modems are being provisioned globally but one of the biggest weakness that may be perceived in the [DOCSIS] provisioning model is the lack of a dynamic method of updating a service. Few of the key issues troubling MSO’s and subscribers can be described as:

•Sharing personal content across router boundaries
• Optimizing in-home network paths
• MSO visibility and management of the home network
• Consistently administering and enforcing policy – Firewall – Parental controls
• Remote access
• New services

Many service providers operate their network with little or weak central control over its configuration and management. This means that the network configuration and state is effectively stored in a giant distributed database. This is not inherently a bad state of affairs, but network operators aren’t always good at getting the information in that giant database into a form that is usable for making business decisions that optimize the use of the network and the services that run over it.

On a preliminary admission, the boot file handles the DNA of any given DOCSIS cable modem and if this could be made dynamic and programmable, all of the above issues can be addressed.

The operator will be able to reduce the service provisioning process to a single transaction rather than a complex series of steps involving multiple systems and humans.

In this method/model, the service definition and topologies are abstracted from the physical access and the devices used to provide the service. This abstraction allows for maximum flexibility in building a provisioning system that is agnostic to the access technologies being used. For example when complex services like L3VPN need to be offered to customers or a certain predefined PE-CE routing protocol configuration needs to be done to ensure correct routes are announced/filtered complex and chained services, such as providing inline firewall services, or providing access to cloud services from within a VPN are required to be done. Higher layer services like these are examples of services where the service definition may extend beyond attachment circuits and elements in the network participate in the routing protocol and require more state exchange between the end point and the network, so in these todays DOCSIS provisioning model may be inadequate and hence our combination of SDN to manage such orchestration via OpenFlow is extremely useful for rapid provisioning and service updates.

The techniques introduced here can be embodied as special purpose hardware (e.g. circuitry), or as programmable circuitry appropriately programmed with software and/or firmware, or as a combination of special-purpose and programmable circuitry. Hence various embodiments may include a machine-readable medium having stored thereon instructions which may be used to program a computer (or other electronic devices) to perform a process. The machine readable medium may include, but is not limited to, optical disks, compact disk read-only memories (CD-ROMs), and magneto-optical disk, ROMs, erasable programmable read-only memories (EPROMs), electrically erasable programmable read-only memories (EEPROMs), magnetic or optical cards, flash memory, Solid State Drives (SSDs) or other type of media/machine-readable medium suitable for storing electronic instructions.

It will be understood that what has been described herein is an exemplary system for controlling an SDN network. While the present teaching has been described with reference to exemplary arrangements it will be understood that it is not intended to limit the teaching to such arrangements as modifications can be made without departing from the spirit and scope of the present teaching.

It will be understood that while exemplary features of a system in accordance with the present teaching have been described that such an arrangement is not to be construed as limiting the invention to such features. The method of the present teaching may be implemented in software, firmware, hardware, or a combination thereof. In one mode, the method is implemented in software, as an executable program, and is executed by one or more special or general purpose digital computer(s), such as a personal computer (PC; IBM-compatible, Apple-compatible, or otherwise), personal digital assistant, workstation, minicomputer, or mainframe computer. The steps of the method may be implemented by a server or computer in which the software modules reside or partially reside.

Generally, in terms of hardware architecture, such a computer will include, as will be well understood by the person skilled in the art, a processor, memory, and one or more input and/or output (I/O) devices (or peripherals) that are communicatively coupled via a local interface. The local interface can be, for example, but not limited to, one or more buses or other wired or wireless connections, as is known in the art. The local interface may have additional elements, such as controllers, buffers (caches), drivers, repeaters, and receivers, to enable communications. Further, the local interface may include address, control, and/or data connections to enable appropriate communications among the other computer components.

The processor(s) may be programmed to perform the functions of the method for retrieving information. The processor(s) is a hardware device for executing software, particularly software stored in memory. Processor(s) can be any custom made or commercially available processor, a central processing unit (CPU), an auxiliary processor among several processors associated with a computer, a semiconductor based microprocessor (in the form of a microchip or chip set), a macroprocessor, or generally any device for executing software instructions.

Memory is associated with processor(s) and can include any one or a combination of volatile memory elements (e.g., random access memory (RAM, such as DRAM, SRAM, SDRAM, etc.)) and nonvolatile memory elements (e.g., ROM, hard drive, tape, CDROM, etc.). Moreover, memory may incorporate electronic, magnetic, optical, and/or other types of storage media. Memory can have a distributed architecture where various components are situated remote from one another, but are still accessed by processor(s).

The software in memory may include one or more separate programs. The separate programs comprise ordered listings of executable instructions for implementing logical functions in order to implement the functions of the modules. In the example of heretofore described, the software in memory includes the one or more components of the method and is executable on a suitable operating system (O/S).

The present disclosure may include components provided as a source program, executable program (object code), script, or any other entity comprising a set of instructions to be performed. When a source program, the program needs to be translated via a compiler, assembler, interpreter, or the like, which may or may not be included within the memory, so as to operate properly in connection with the O/S. Furthermore, a methodology implemented according to the teaching may be expressed as (a) an object oriented programming language, which has classes of data and methods, or (b) a procedural programming language, which has routines, subroutines, and/or functions, for example but not limited to, C, C++, Pascal, Basic, Fortran, Cobol, Perl, Java, and Ada.

When the method is implemented in software, it should be noted that such software can be stored on any computer readable medium for use by or in connection with any computer related system or method. In the context of this teaching, a computer readable medium is an electronic, magnetic, optical, or other physical device or means that can contain or store a computer program for use by or in connection with a computer related system or method. Such an arrangement can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. In the context of this disclsoure, a "computer-readable medium" can be any means that can store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. The computer readable medium can be for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. Any process descriptions or blocks in the Figures, should be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps in the process, as would be understood by those having ordinary skill in the art.

The above detailed description of embodiments of the disclosure is not intended to be exhaustive nor to limit the disclosure to the exact form disclosed. While specific examples for the disclosure are described above for illustrative purposes, those skilled in the relevant art will recognize various modifications are possible within the scope of the disclosure. For example, while processes and blocks have been demonstrated in a particular order, different implementations may perform routines or employ systems having blocks, in an alternate order, and some processes or blocks may be deleted, supplemented, added, moved, separated, combined, and/or modified to provide different combinations or sub-combinations. Each of these processes or blocks may be implemented in a variety of alternate ways. Also, while processes or blocks are at times shown as being performed in sequence, these processes or blocks may instead be performed or implemented in parallel or may be performed at different times. The results of processes or blocks may be also held in a non-persistent store as a method of increasing through put and reducing processing requirements.

In general, the terms used in the following claims should not be construed to limit the disclosure to the specific examples disclosed in the specification, unless the above detailed description explicitly defines such terms. Accordingly, the actual scope of the disclosure encompasses not only the disclosed examples, but also all equivalent ways of practicing or implementing the disclosure under the claims.

From the foregoing, it will be appreciated that specific embodiments of the disclosure have been described herein for purposes of illustration, but that various modifications may be made without deviating from the spirit and scope of the disclosure. Accordingly the disclosure is not limited.

We claim:
1. A computer implemented method for controlling a software defined network(SDN); the method comprising:
providing a plurality of client portals which are configured for facilitating end users selecting resourses via local user interfaces;
providing a master control module in communication with the client portals and configured for managing flow control on the SDN network;
generating by the master control module a plurality of discrete control agents each associated with a particular end user and configured based on the resources selected by the particular end user; and
dispatching the discrete control agents to the local devices of the respective end users for controlling thereof.