Software Defined Networking (SDN) deconstructs the current routing infrastructure into a small number of controllers, which are general purpose computers, and a large number of switches which are programmable forwarding engines. It is already deployed in data centres, where it offers considerable advantages of both cost and flexibility over a switching fabric of traditional routers. Such applications have a single controlling organisation and issues of trust between subdomains do not really arise. However for SDN to fulfil its potential, it is necessary to design and develop mechanisms for smart networks with mutually mistrustful principals. In an earlier paper, we used as an example an airport where we might have 100,000 staff working for 3,000 different firms which include not just competitors but also organisations in a state of conflict (for example, El Al and Iran Air). That paper discussed using hierarchical control structures to delegate trust with mechanisms focussed on preventing denialof- service attacks, with the assumption that confidentiality and integrity would be provided by the principals at higher layers. But this turns out to be a quagmire. Can you run your app and your enemy’s app on the same controllers of the same fabric, and get a passable separation of behaviour on private networks that run over the same switches? And can all this be done without a trusted root anywhere? This paper reports a project to build a test environment that adapts Quagga so that a software defined network can be automatically configured using information learned from BGP. Our Quagga for SDN Module, “QuaSM”, is designed to support the use of SDN in three further use cases: in a network exchange point, in an organisation seeking to join up two or more SDN islands using an existing BGP fabric; and in security research on virtual networking.