NFV and SDN are two of the most significant transformations in networking over the past decade. They emerged around the same time, are often discussed together, and frequently appear in the same deployments. Yet they are fundamentally different technologies solving different problems.

The confusion between NFV and SDN is common—even among experienced network professionals. Both represent shifts toward software-based networking, both aim to increase flexibility and reduce costs, and both challenge traditional network architecture. But their approaches, origins, and mechanisms are distinct.

Understanding how NFV and SDN relate—where they overlap, where they differ, and how they complement each other—is essential for designing modern network infrastructure. This page provides that understanding.

Before exploring how NFV and SDN work together, we must clearly distinguish what each technology actually is and what problems it solves.

Software-Defined Networking (SDN):

SDN is an architectural approach that separates the control plane from the data plane in network devices, centralizing control in software-based controllers.

Core SDN Principles:

• Separation of Concerns: Control logic removed from individual network devices
• Centralized Control: Network-wide decisions made by central controller
• Programmability: Network behavior defined through software/APIs
• Open Interfaces: Standardized protocols (OpenFlow) between layers

Network Function Virtualization (NFV):

NFV virtualizes network functions that traditionally ran on proprietary hardware appliances, implementing them as software on commodity hardware.

Core NFV Principles:

• Virtualization: Network functions as software, not hardware
• Commodity Infrastructure: Standard servers, not specialized appliances
• Decoupling: Software lifecycle independent of hardware
• Automation: Lifecycle management through MANO

The Key Insight:

• SDN is about the control and management of network connectivity
• NFV is about the execution environment for network functions

They operate at different points in the network architecture:

• SDN addresses: How do we route traffic? How do we configure forwarding rules?
• NFV addresses: Where do we run the firewall? How do we deploy the load balancer?

This distinction explains why they're complementary—they solve different problems that both exist in a complete network architecture.

A crucial principle to understand: NFV and SDN are independent technologies. Neither requires the other. Yet they are deeply complementary, and combining them creates more powerful solutions than either alone.

NFV Without SDN:

Perfectly viable—and commonly deployed:

• VNFs deployed on commodity servers
• Traditional networking connects VNFs and external networks
• VLANs, standard IP routing, conventional switches
• NFV benefits (virtualization, automation) without SDN complexity

Use Cases:

• Initial NFV deployments prioritizing simplicity
• Environments with existing network infrastructure investment
• Organizations lacking SDN expertise

SDN Without NFV:

Also common—SDN emerged earlier and has its own deployment patterns:

• Physical network devices with separated control plane
• SDN controllers manage forwarding on hardware switches
• Network functions remain on physical appliances

Use Cases:

• Data center fabrics (spine-leaf with SDN control)
• Campus networks with SDN-based policy
• WAN optimization with SD-WAN

NFV + SDN Together:

When combined, NFV and SDN create synergies neither achieves alone:

SDN Enhances NFV:

• Dynamic VNF connectivity as VNFs scale
• Service function chaining through SDN forwarding
• Network policies following VNFs as they migrate
• Simplified multi-tenant network isolation
• Consistent network abstraction across NFVI

NFV Enhances SDN:

• SDN controllers as VNFs (virtualized control plane)
• SDN applications deployed as VNFs
• NFV infrastructure hosting SDN elements
• Unified orchestration for network and functions

The Resulting Architecture:

In the most advanced deployments, NFV and SDN merge into a unified software-defined infrastructure:

• VNFs provide network functionality
• SDN provides connectivity between VNFs
• Unified orchestration manages both
• Complete network is software-defined

One of the most important integration points between NFV and SDN is using SDN to connect VNFs within the NFV Infrastructure. SDN-based virtual networking provides the flexibility and programmability that dynamic VNF deployments require.

The NFVI Networking Challenge:

VNFs create unique networking demands:

• Dynamic Instantiation: New VNFs appear and disappear frequently
• Scaling: VNF instances scale out and in based on load
• Migration: VNFs may move between hosts for maintenance or load balancing
• Multi-Tenancy: Different VNFs/tenants require isolation
• Service Chaining: Traffic must flow through VNF sequences

Traditional networking struggles with this dynamism—VLANs don't scale, static configurations can't keep pace with VNF changes, and manual provisioning creates bottlenecks.

SDN Virtual Networking Solutions:

SDN-based virtual networking addresses these challenges:

SDN Controller Integration with VIM:

In OpenStack-based NFVI, SDN integrates through Neutron plugins:

1. VNFM requests network via NFVO/VIM APIs
2. Neutron receives request and delegates to SDN plugin
3. SDN controller programs virtual switches on compute nodes
4. VNF connectivity established automatically
5. Policies enforced through SDN flow rules

This integration enables:

• Automatic network provisioning as VNFs instantiate
• Consistent policy enforcement across VNF instances
• Network reconfiguration as VNFs scale or migrate
• Centralized visibility into VNF connectivity

One of the most powerful integrations of NFV and SDN is Service Function Chaining (SFC)—the ability to define and enforce traffic paths through sequences of VNFs.

The SFC Concept:

Traffic passing through a network often requires processing by multiple functions. Traditionally, this meant physical cabling through appliances. In NFV, we want the same chaining—but dynamically, for virtualized functions.

Example Service Chains:

• Enterprise Security: Firewall → IDS/IPS → Web Proxy → Content Filter → NAT
• Mobile Network: DPI → Policy Control → Charging → NAT44 → Internet
• Cloud Provider: Load Balancer → WAF → Application Servers → Cache

The SFC Challenge:

Without SDN, traffic must be explicitly routed through each VNF—complicating addressing, creating single points of failure, and limiting flexibility. SDN provides the mechanisms to define chains declaratively and enforce them through forwarding rules.

SFC Architecture Components:

Classifier:

• First element in the chain
• Identifies traffic that should enter the chain
• Matches on any packet headers (5-tuple, VLAN, etc.)
• Attaches SFC metadata to qualifying traffic

Service Function Path (SFP):

• Ordered list of service functions for traffic to visit
• Defined by the orchestrator/controller
• May have multiple paths for different traffic classes

Service Function Forwarder (SFF):

• Steers traffic to the next function in the chain
• Present at each hop in the chain
• May be implemented in OVS, smart NICs, or physical switches

Network Service Header (NSH):

• RFC 8300 standard for SFC metadata
• Carried with packets through the chain
• Contains: Service Path ID, Service Index, Metadata
• Service Index decremented at each hop

SDN Enables Dynamic SFC:

The power of SDN-based SFC comes from its dynamism:

• Chain Modification: Add/remove functions without reconfiguring VNFs
• Traffic Steering: Redirect specific flows to different paths
• Scaling Integration: Update chains as VNFs scale out
• Failure Handling: Reroute around failed VNF instances
• Policy Enforcement: Apply business rules to chain selection

SFC Implementation Options:

The relationship between NFV and SDN isn't merely about SDN enabling NFV—NFV can also host SDN components. SDN controllers themselves are software applications that can run as VNFs on NFV infrastructure.

SDN Controller Virtualization:

Traditionally, SDN controllers run on dedicated servers or VMs. In an NFV context, they become VNFs:

• Deployed through standard MANO procedures
• Scaled dynamically based on network size
• Managed with VNF lifecycle operations
• Benefiting from NFVI HA capabilities

Benefits of Controller-as-VNF:

• Unified Management: Single orchestration for all network software
• Dynamic Placement: Deploy controllers close to managed infrastructure
• Elastic Scaling: Scale controller capacity with network growth
• Consistent Operations: Same lifecycle management as other VNFs

Architectural Considerations:

Deploying SDN controllers as VNFs introduces dependencies that require careful design:

Bootstrap Problem:

• VNF deployment requires networking
• But networking is provided by SDN controller
• Solution: Separate management network, staged bootstrap

High Availability:

• Controller failure impacts all managed network elements
• HA clustering essential (multiple controller instances)
• Anti-affinity placement across physical hosts

Performance Sensitivity:

• Controller latency affects network responsiveness
• May require low-latency placement options
• Consider SR-IOV for controller networking

Versioning and Updates:

• Controller updates affect entire network
• Careful rolling update procedures
• Fallback strategies for failed upgrades

Various integration patterns have emerged for combining NFV and SDN in production deployments. Understanding these patterns helps in selecting the right approach for specific requirements.

Pattern 1: SDN-Enabled Underlay

SDN manages the physical network fabric; NFV runs independently on top.

┌─────────────────────┐
│  VNFs (NFV Layer)   │
├─────────────────────┤
│  Virtual Networking │  ← Traditional (VLANs) or Overlay
├─────────────────────┤
│  SDN-Controlled     │  ← SDN manages physical switches
│  Physical Fabric    │
└─────────────────────┘

Characteristics:

• SDN optimizes physical network (spine-leaf, traffic engineering)
• VNF networking uses standard virtualization mechanisms
• Clear separation between infrastructure and workload networking
• Simpler to implement than full SDN integration

Pattern 2: SDN-Managed Overlay

SDN extends into virtual networking, managing VNF connectivity through overlay networks.

┌─────────────────────┐
│  VNFs (NFV Layer)   │
├─────────────────────┤
│  SDN-Controlled     │  ← SDN controller manages overlays
│  Virtual Networking │     (Neutron + SDN plugin)
├─────────────────────┤
│  Physical Fabric    │  ← May or may not use SDN
└─────────────────────┘

Characteristics:

• Complete programmability of VNF networking
• Dynamic network provisioning as VNFs scale
• Enables advanced features (SFC, microsegmentation)
• More complex, requires mature SDN implementation

Pattern 3: Unified SDN Fabric

Single SDN controller manages both physical and virtual networking.

┌─────────────────────────────────────┐
│                                     │
│         SDN Controller              │
│  (Manages physical + virtual)       │
│                                     │
└─────────────┬───────────────────────┘
              │
        ┌─────┴─────┐
        ▼           ▼
    Physical    Virtual
    Switches    Switches

Characteristics:

• Most comprehensive integration
• End-to-end network visibility and control
• Single policy domain across all networking
• Highest complexity, requires deep integration

Real-World Implementation Examples:

Pattern 1 Example: Arista EOS + OpenStack

• Arista EOS with CloudVision manages leaf-spine fabric
• OpenStack Neutron with ML2/OVS for VNF networking
• Clear boundary at ToR switches

Pattern 2 Example: OpenStack + Tungsten Fabric

• Tungsten Fabric (Contrail) provides SDN overlay
• Neutron API with Tungsten plugin
• Overlay extends to bare-metal and VMs

Pattern 3 Example: VMware NSX-T + vCloud NFV

• NSX-T manages physical and virtual networking
• vCloud NFV for MANO
• Integrated microsegmentation and SFC

The Linux Foundation hosts key open-source projects that combine NFV and SDN capabilities, providing integrated platforms for software-defined network infrastructure.

ONAP (Open Network Automation Platform):

ONAP is the most comprehensive open-source platform for network automation, combining NFV orchestration with SDN control:

Key ONAP Capabilities:

• Design-time Framework: Service design, policy creation, VNF onboarding
• Runtime Framework: Orchestration, controllers, inventory
• Controllers: SDN-C (SDN Controller), APP-C (Application Controller)
• Policy Framework: Declarative policy for automation
• AAI (Active and Available Inventory): Real-time resource tracking

OPNFV (Open Platform for NFV):

OPNFV (now merged into Anuket) focused on NFV infrastructure and testing:

• Reference Architecture: Validated NFVI configurations
• Testing Frameworks: Functest, Yardstick, Bottlenecks
• Integration Projects: Verified component combinations
• Installer Projects: Multiple NFVI deployment options

Anuket (OPNFV + CNTT Merger):

The Anuket project continues OPNFV's mission with added focus on cloud-native:

• Reference Model: Standardized infrastructure definitions
• Reference Architecture: RA1 (OpenStack), RA2 (Kubernetes)
• Reference Implementation: Validated deployments
• Reference Conformance: Testing and certification

Open Source NFV+SDN Stack:

We've comprehensively explored the relationship between NFV and SDN. Let's consolidate the key concepts:

What's Next:

With the NFV-SDN relationship understood, we'll explore NFV Use Cases in the final page of this module—examining how NFV is deployed in practice across telecommunications, enterprise, and service provider environments.