Network Function Virtualisation (NFV) BoF

Network Functions Virtualization (NFV)
Santanu Dasgupta
Sr. Consulting Engineer – Service Provider Network Architecture
BOF Meeting – APRICOT 2015
3rd March, 2015

Cisco Confidential 2© 2013-2014 Cisco and/or its affiliates. All rights reserved.
APRICOT 2015 NFV BOF Outline
§  At APRICOT 2014, the NFV BOF meeting that I hosted was focused around some of the
basic and introductory concepts of NFV
§  For APRICOT 2015, the focus area would be a few advanced topics
§  However, we can go back to some basics too – there is a section at the end of this slide
§  Please jump on with your top of the mind issues that you want to discuss
§  Need active participations from everyone

APRICOT 2015 NFV BOF – Topics For Discussion
§  The State of Service Provider NFV and Major Use Cases
§  Data Plane Connectivity Models for VNFs / VMs to achieve high performance
§  Overlay Encapsulation in the DC for MPLS Operators
§  NFV Service Assurance
§  Service Chaining in NFV
§  Applicability of Linux Container Technology in NFV
§  The skillset evolution requirement for engineers
§  Other topics you want to discuss
§  NFV Introduction – as a placeholder

The SP NFV Landscape and Major Use Cases
§  Top of mind for most / all Service Providers
§  Lot of expectations –
§  CAPEX & OPEX reduction
§  Agility with end-to-end automation and cloud centric service delivery models
§  Faster time to market for new services
§  Architecture transformation
§  Increased use of generic hardware and open source software,
§  Higher openness and standardization
§  Lets have a Reality Check Done with the folks in the meeting
§  Overall the state of technology and deployment at still in primitive stage
§  Major areas of focus
§  Cloud Centric Managed Services (Managed CPE, Security, VPN, Value Added Services…)
§  Virtualized Mobile Packet Core and Virtualized Gi-LAN
§  SP Infrastructure NFV (Virtual BRAS/BNG, Virtual RR, Virtual DNS, Virtual PE…)
§  Do you guys have any other major use case that is important to you?
Topic #1

Data Plane Connectivity Models for VNFs / VMs
vSwitch
Tenant VM Tenant VM
KVM
NIC
Multi-tenanted
vRouter / vSwitch
vSwitch
Tenant VM Tenant VM
KVM
NIC
Tenant VM Tenant VM
§  Multi-tenanted vSwitch (such as OVS) in kernel,
may be with additional extension to do routing
§  Performance may be typical concern
§  Other possible concerns – Fault tolerance,
kernel recertification needs …
§  High performance multi-tenanted vRouter/
vSwitch in the user space
§  vSwitch in the kernel as patch panel for tenant
VM connectivity
§  Concern – the vSwitch patch panel performance
Topic #2
Multi-tenanted vSwitch
vSwitch (as Patch Panel)

Data Plane Connectivity Models for VNFs / VMs …contd
High Performance Multi-tenanted vRouter/vSwitch
Tenant VM Tenant VM
KVM
NIC
Tenant VM Tenant VM
vSwitch
Tenant VM Tenant VM
KVM
NIC
Multi-tenanted
vRouter / vSwitch
vHost User
§  Move that high performance multi-tenanted
vRouter / vSwitch in the kernel space
§  Remove the need of additional vSwitch as patch
panel
§  But fault tolerance, other kernel related issues
are back here in this model
§  Retain the high-performance multi-tenanted
vRouter/vSwitch in the user space
§  Use vhost-user process for inter-VM traffic by
direct memory copy – no hypervisor involved
§  Need to ensure proper memory copy operation
to ensure security, stability etc
Topic #2
vSwitch (as Patch Panel)

Data Plane Connectivity Models for VNFs / VMs …contd
vSwitch
Tenant VM Tenant VM
KVM
NIC
Tenant VM Tenant VM
TOR Switch
802.1q
VXLAN / MPLSoGRE
SR-IOV
Tenant VM Tenant VM
KVM
NIC
Tenant VM Tenant VM
TOR Switch
802.1q
VXLAN / MPLSoGRE
§  No multi-tenanted vRouter/vSwitch anymore
§  Use a TOR switch for VXLAN – VLAN mapping
§  Appropriate VLANs mapped to the VMs through
the vSwitch in the kernel
§  Scalable Layer 3 service chaining may be a
challenge to implement
§  No vSwitch anywhere!
§  Use a TOR switch for VXLAN – VLAN mapping
§  SR-IOV to map the traffic from PNIC to the
appropriate VMs
§  Scalable Layer 3 service chaining may be a
challenge to implement
Topic #2

Encapsulation within the DC / NFV POD for MPLS Operators
vNAT vFW
VXLAN / MPLSoGRE / MPLSoUDP
IPIP MPLS
vNAT vFW
MPLS (Segment Routing / LDP)
IPIP MPLS
Current Approaches
Possible Alternate ?
End-to-end common encap, uniform OAM, easy operations and troubleshooting
But now, the DC/NFV POD underlay devices need to run label switching
CPE
CPE
PE DCI DCI
DCIDCIPE
Topic #3

NFV Service Assurance
A huge topic, but appeared to be on back burner for a long time
Service Level Management
Collection
NFVI
Performance
Management
Fault Management
Analytics
Planning and
Optimization
Operator’s Console, DashboardsKey Capabilities:
Key Capabilities:
Key Capabilities:
Key Capabilities:
Topic #4

Service Chaining in NFV
§  Many thoughts across the industry and technical communities
§  Different solutions emerging –
§  Network Service Header (NSH) – being standardized at IETF
§  L3 Routed Service Chain (orchestrated) along with BGP for WAN integration
§  Segment Routing based service chaining
§  VLAN stitching
§  NSH gaining traction and has a lot of promise
§  Extensive metadata capabilities to carry rich set of policies
§  In-band OAM becoming a possibility – the IP and Ethernet generation had missed it so far
§  However some feedback are coming around its complexity
§  True benefit of NSH may require all VNFs to support it across industry
•  There may be some issue with time to market, performance impact etc.
Topic #5

Service Chaining with Remote DC & Across Multiple Sites
Layer 3 and BGP Capabilities are Critical (MPLS Environment)
POD 2/DC 2
Underlay
R2 R4
PE2 PE3
2.2.2.0/24 4.4.4.0/24
SDN
Controller
RT 2:200 RT 4:400
Import 2:200 Import 4:400
4.4.4.0/24, via PE3
Route Leak with modified NH
Import4:400
VRF_A1 VRF_A2
VRF_A1 VRF_A2
VRF_A VRF_A
For Outgoing traffic from Server:
2.2.2.0/24, via DCI, Label 100
4.4.4.0/24, via DCI, Label 200
For Incoming traffic to Sever:
2.2.2.0/24, via VIF2, Label 300
4.4.4.0/24, via VIF1, Label 400
vSwitch
Out
In
vFW2
VIF1
VIF2
vSwitch
In
Out
vFW1
VIF2
VIF1
POD 1/DC 1
Underlay
SDN
Controller
VRF_A1 VRF_A2
VRF_A1 VRF_A2
IP/MPLS
4.4.4.0/24, via vPE-F 2
DCI2DCI1
4.4.4.0/24, via DCI2
Import2:200
Route Leak with modified NH
4.4.4.0/24, via vSwitch
4.4.4.0/24, via DCI1
2.2.2.0/24, via PE2
2.2.2.0/24, via vPE-F 1 2.2.2.0/24, via DCI1
2.2.2.0/24, via vSwitch
For Outgoing traffic from Server:
2.2.2.0/24, via DCI, Label 100
4.4.4.0/24, via DCI, Label 200
For Incoming traffic to Sever:
2.2.2.0/24, via VIF2, Label 300
4.4.4.0/24, via VIF1, Label 400
2.2.2.0/24, via DCI2
Topic #5
BGP RR

NSH May Help Simplify This With Decoupling of Service &
Transport Layer
POD 2/DC 2
Underlay
R2 R4
PE2 PE3
2.2.2.0/24 4.4.4.0/24
SDN
Controller
RT 2:200 RT 4:400
VRF_A2
VRF_A VRF_A
vSwitch
vFW2vFW1
vSwitch
POD 1/DC 1
Underlay
SDN
Controller
IP/MPLS
DCI2DCI1
4.4.4.0/24, via PE3 2.2.2.0/24, via PE2
Classifier:
If <policy-match> -> PathID 10, SI 3
PathID = 10 -> vFW1, vFW2
vFW1 NH vSwitch
4.4.4.x NSH 10, 3
4.4.4.x NSH 10, 3
4.4.4.x NSH 10, 2
vPE-F1
vPE-F1
vPE-F2 4.4.4.x NSH 10, 2 vPE-F2
4.4.4.x
BGP RR
Topic #5

Linux Container Technology in NFV
§  Linux Container and/or Docker like technologies are gaining a lot of traction in the
virtualization space
§  Can help address some performance concerns
§  Security issues associated with Container in a multi-tenanted environment ?
§  How to containerize
§  Network Function by Network Function ?
§  Or a whole Virtualized Product (OS) ?
Topic #6

NFV – How to build / Augment Operations skillsets
•  Most existing technologies, protocols and associated skills are equally required
•  On top of that, there are needs for acquisition of New Skills
•  x86 Server Virtualization
•  Virtualization on Linux (and KVM/QEMU) Environment
•  Cloud Orchestration Systems – such as OpenStack
•  Virtual Switches – OVS, Netmap/VALE, Snabbswitch, Vendor Specific etc
•  SDN Controllers – OpenDayLight, Vendor Specific
•  Device Programmability and APIs – NETCONF, Yang, RESTCONF, REST APIs, OF….
•  Service Function Chaining – specially NSH (Network Service Header)
•  Network based Virtual Overlay transport – VXLAN, MPLSoGRE/UDP, LISP, L2TPv3…..
•  Automation Tools – puppet / chef etc.
•  Management, Orchestration, OSS Fundamentals,
•  …..
Topic #7

Open Forum For Other Topics That Are
on Top of Your Mind
Topic #8

NFV Introduction
Placeholder
Topic #9

“Network Functions” in SP Network Architecture Landscape
LTE
Smartphone
Access
xDSL
WiFi
Smartphone
PC
RNC2G 3G
Ethernet CE
NodeB
eNodeB
AP
Small Cell
FAP
Gateways /
Service Edge
OSS/BSS
Subsystems and Control
Data Plane
Voice Video Data
Core Network Infrastructure
IMS
xDSLHFC
PGWSGW
2/3G
GGSN
2/3G
SGSN
MME
ePDG
eWAG
PE
Metro Network
Infrastructure
NAT FW IPSec
DPICGNCaching
Opt
MSC-SMGW
A-SBC I-SBC
BGCF
MGCF
PS / RLS
DRA
Video
ingestion
DRM
Video Network
EMS Provisioning Analytics Billing
Radius
DNS
DHCP
S-CSCF
P-CSCF
I-CSCF
Trans-
coding
Cache
Control
Policy
Parental
control
HLR
HSS
ENUM
TAS SMS-C
Services
OCS MMS-C HCSRMS
xDSLDSLAM DSL/ FTTX BNG
Core
Routing
Metro
Ethernet
Biz
CPE
Consumer
CPE
Cable
Modem CMTS
Capacity
Planning
WLC
SecGW
HNB-GW
Policy
SDN
Controller
BGP
server
Metro
Ethernet
Data
CenterCore and Data Center Network Infrastructure

Virtualization of “Network Functions”
Existing Hardware / Appliance
based Network Functions (NFs)
Virtualized NFs running as
VM on x86 Server Platform
Step 1: Decouple software
from underlying hardware
Step 2: Port it as a VM on
x86 Server platform running
as a Network Function
Ethernet Switches
Storage
Hypervisor
FW Routing DPI LB

Telco
Service

Providers

$$

$$

Service

Consumers

Enterprises

Public

Sector

Consumer

$$

$$

Cloud
/
OTT
Service

Providers

IaaS

PaaS

SaaS

OTT

$$

many
networks,
technologies
and systems
massive growth
of IP traffic
$

$$

$$

$$

$$

converged and
private networks
PPPoE
IPv4
IPv6
MPLS
MPLS-TPOTN
DWDMATMSDH xGE
tunnel
VPN
MP-BGP ISIS/OSPF
MPLS-TE
DHCP
EOAM IPOAM
LACP
SNMP
CLI XML
t
revenue
cost
$
1.  Lean
&
Agile
OTT
players
with

economies
of
scale

2.  Highly-‐automated
operaEons

3.  Fast-‐paced
innovaEon

1.  Complex
and
silo’d
networks

2.  High
cost
to
operate

3.  Lack
of
agility,
huge
Eme
required
to
create
new
services

4.  ExponenEal
growth
of
bandwidth

1.  User
Experience

2.  Cloud
Centric

ConsumpEon
Models

/

Pay-‐as-‐you-‐go

Need to Understand SP Challenges to realize Why NFV

SP’s Expectations from NFV
§  NFV will help them to reduce cost (TCO)
§  NFV will bring the much needed agility in the Service Creation & delivery process
§  On-boarding a new service will be much easier with NFV
§  SP’s can now afford to go wrong – decommissioning a failed service wont be expensive
§  Services now can be scaled up and down elastically
§  NFV will help drive more Openness and Standardization

§  NFV – It is a Service Provider driven Initiative.
§  Initiative announced at “SDN and OpenFlow World Congress”, Darmstadt, Oct 2012
§  Industry Specification Group (ISG) group within ETSI
§  Not defining standards -deliver white papers and liaising with standards bodies
§  First ETSI meeting was held in January, 2013
§  Technically not related to SDN, conceptually different
§  But may utilize SDN concepts – Programmability, Orchestration
§  Type of network function mostly determine where virtualization makes sense
§  Careful analysis is required on Network Function by Network Function
NFV = Transition of network infrastructure services to run on
virtualised compute platforms – typically x86
Network Function Virtualization (NFV) Initiative

Key Factors To Determine Potential Virtualization Targets
Packet / Data Plane Performance Requirements
Control Plane Performance Requirements
Deviation from Standard Server build (e.g. interface type, density)
Economics of On-boarding if Virtualized
Power Efficiency requirement of the System
Development, Ease of Integration, Service Elasticity Needs
1
2
3
4
5
6

The Fundamental Electrical Building Blocks
General Purpose Processors (x86, ARM, PPC)
•  Wide range of capabilities (including packet processing)
•  Evolving multi-core capability (10+ processors per die)
•  Support virtualization and easy to program
Network Processor Units (NPUs)
•  Designed for flexible packet processing
•  Multi-threaded (100s) / n/w acceleration / integrated memory
•  Programmable in high level languages
Fixed function ASICs
•  Very low cost
•  Integrated s/w, very efficient but relatively inflexible
All based on CMOS technology – All subject to Moore’s Law

Characteristics of Network Elements
High Capacity Plumbing: (L0-3 : e.g. IPv4/v6, MPLS, VPNs, ACLs, optical devices …)
•  High throughput / BW
•  Many flows needing isolation, significant traffic management needed
•  Stateless functions
•  Mostly predictable traffic
•  Interface-specific functions (2-stage forwarding)
Network Services: (L4+ : e.g. DPI, vFW, CGN, DDOS, BNG, mobility, …)
•  Throughput - varies
•  # of flows (traffic management) – varies
•  Stateful functions
•  Unpredictable traffic
•  No i/f-specific functions
Low compute + High BW
è  Good fit for NPU
è  Poor fit for x86/CPU
Poor fit for x86/CPU
Good fit for x86/CPUYes (%)
No (%)
High Compute +
Low BW

Business CPE
Service
Appliances
(L4-L7)
Core Backbone Routing,
CE Access-Aggregation
and DC switching
Wireline GWs
Home CPE
Wireless
GWs
Network Functions – Requirements & today’s approaches
CPU
Reqs
0 10Mbps 100Mbps 1Gbps 10Gbps 100Gbps 1Tbps 10Tbps 100Tbps 1Pbps
High
Low
Distributed: CPUs + Lots of NPUs
Distributed: Lots of CPUs + NPUs
Centralized:
CPU + NPU
CPU
Centralized: CPU or SoC
Variable CPU / FPGA / NPU
OSS/BSS, subsystem
and N/W control

Mapping Back to the Service Provider Landscape
LTE
Smartphone
Access
xDSL
WiFi
Smartphone
PC
RNC2G 3G
Ethernet CE
NodeB
eNodeB
AP
Small Cell
FAP
Gateways /
Service Edge
OSS/BSS
Subsystems and Control
Data Plane
Voice Video Data
Core Network Infrastructure
IMS
xDSLHFC
PGWSGW
2/3G
GGSN
2/3G
SGSN
MME
ePDG
eWAG
PE
Metro Network
Infrastructure
NAT FW IPSec
DPICGNCaching
Opt
MSC-SMGW
A-SBC I-SBC
BGCF
MGCF
PS / RLS
DRA
Video
ingestion
DRM
Video Network
EMS Provisioning Analytics Billing
Radius
DNS
DHCP
S-CSCF
P-CSCF
I-CSCF
Trans-
coding
Cache
Control
Policy
Parental
control
HLR
HSS
ENUM
TAS SMS-C
Services
OCS MMS-C HCSRMS
xDSLDSLAM DSL/ FTTX BNG
Core
Routing
Metro
Ethernet
Biz
CPE
Consumer
CPE
Cable
Modem CMTS
Capacity
Planning
WLC
SecGW
HNB-GW
Policy
SDN
Controller
BGP
server
Metro
Ethernet
Data
Center
No
Appeal
No Appeal
High
Appeal
High
Appeal
Depends
HighAppeal
Very High Appeal
High Appeal
No
Appeal

The Role of SDN and Orchestration
Partial list, just a few main ones are mentioned here
Ethernet Switching Network Underlay
Hypervisor Hypervisor Hypervisor
NAT Firewall DPI
Orchestration and SDN Control Function
Storage
Server 1 Server 2 Server 3
Firewall DPI
VM / VNF Lifecycle
Management in
End-to-end manner
Network Plumbing
to orchestrate
dynamic topologies
Configuration
Management
of the VNFs
Integration with
Other DC/POD
And the WAN
OAM,
Assurance,
Analytics
Standard APIs
NAT

Computing
Hardware
Storage
Hardware
Network
Hardware
Hardware resources
Virtualisation Layer
Virtualised
Infrastructure
Manager(s)

VNF
Manager(s)
VNF 2

OrchestratorOSS/BSS

NFVI
VNF 3

VNF 1

Execution reference points Main NFV reference pointsOther reference points
Virtual
Computing
Virtual Storage
Virtual Network
NFV Management and Orchestration
EMS 2

EMS 3

EMS 1

Service, VNF and Infrastructure Description
Or-Vi
Or-Vnfm
Vi-Vnfm
Os-Ma
Se-Ma
Ve-Vnfm
Nf-Vi
Vn-Nf
Vl-Ha
NFV Reference Architecture from ETSI NFV ISG

Major Service Providers Driving the ETSI NFV ISG
* Partial List

NFV Use Cases
•  Simple ones – Virtualized Route Reflector
•  Virtualized CPE for Business VPN services
•  Virtualized Mobile Packet Core
•  Virtualized Managed Services (CPE, FW, UTM…..)
•  Virtualized Home CPEs
•  Virtualized Gateways (BRAS, BNG, mobile gateways, Wi-Fi gateways)
•  ….

Metro&and&Access& Core&&&Edge&&CPE& Data&Centers&
vPE-F
VNF Instances
vPE-F
VNF Instances
VNF VNF VNF VNF
DCI
DCI
Servers Storage
Bare Metal
Workload
PE
DCI
DCI
PE
Web VM DB VM
FWWAAS
vCPE
vFW
vWAAS
L2 NID
Backhaul
End-to-End Orchestration
vPE-F
VNF Instances
vPE-F
VNF Instances
VNF VNF VNF VNF
DCI
DCI
Servers Storage
Bare Metal
Workload
PE
DCI
DCI
PE
Web VM DB VM
FWWAAS
vFW
vESA
vWAAS
L3 CPE /
vCPE
Backhaul
End-to-End Orchestration

Business VPN CPE in a Overlay Transport Model
Cloud IPVPN with FW and Remote
Access to Internet
§  vFW with NAT and Policy
§  vFW with IPSec/SSL Remote Access
including Remote End-Host posture
verification
CPE
CPE
CPE
Internet
Router
vFW
SP CLOUD
Internet
Cloud-Hosted Management
Scalable, elastic, on-demand
Overlay Packet Tunnels
§  Keyed IPv6 tunnels - mesh, hub&spoke;
§  IPSec tunnels – mesh, hub&spoke if
keyed IPv6 tunnels not supported;
VR

Where to Place the VNFs ?
§  Candidate location types in the network –
§  Centralized Data Centers à Easier to manage
§  Fully Distributed – POP’s, Edge / Anchor Points / Peering locations à Higher scale & performance
§  Hybrid – Mix of the above
§  Some factors that may need to be considered here –
§  The Use Case to deploy the VNFs
§  Cost of transporting traffic across core
§  Network Architecture / design
§  Chance of Sub-optimal routing, impact on SLA (e.g. delay)
§  Management Ease vs. Scalability
vPE-F
VNF Instances
vPE-F
VNF Instances
VNF VNF VNF VNF
DCI
DCI
Servers Storage
Bare Metal
Workload
PE

vPE-F
VNF Instances
vPE-F
VNF Instances
VNF VNF VNF VNF
DCI
DCI
Servers Storage
Bare Metal
Workload
PE
DCI
DCI
PEL2 Backhaul
vCPE
vCPE
vPE-F
VNF Instances
vPE-F
VNF Instances
VNF VNF VNF VNF
DCI
DCI
Servers Storage
Bare Metal
Workload
PE
DCI
DCI
Web VM DB VM
FWWAAS
L2 Backhaul
Web VM DB VM
FWWAAS
vCPE
vCPE
vPE-F
VNF Instances
vPE-F
VNF Instances
VNF VNF VNF VNF
DCI
DCI
Servers Storage
Bare Metal
Workload
PE
DCI
DCI
PE
vCPE
vFW
vWAAS
L2 NID /
L2 Backhaul
Web VM DB VM
FWWAAS
Centralized
Higher Traffic Across Core
Sub-optimal routing
Higher e2e delay
Better performance / scale
More Complex to manage
Better performance / scale
More Complex to manage
Distributed
Distributedwith
ServiceChain

NFV – How to build / Augment Operations skillsets
•  Most existing technologies, protocols and associated skills are equally required
•  On top of that, there are needs for acquisition of New Skills
•  x86 Server Virtualization
•  Virtualization on Linux (and KVM/QEMU) Environment
•  Cloud Orchestration Systems – such as OpenStack
•  Virtual Switches – OVS, Snabbswitch, Netmap/VALE, Vendor Specific etc
•  SDN Controllers – OpenDayLight, Vendor Specific
•  Device Programmability and APIs – NETCONF, Yang, RESTCONF, REST APIs, OF….
•  Service Function Chaining – specially NSH (Network Service Header)
•  Network based Virtual Overlay transport – VXLAN, MPLSoGRE/UDP, LISP, L2TPv3…..
•  Management, Orchestration, OSS Fundamentals
•  …..

Network Function Virtualisation (NFV) BoF

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie Network Function Virtualisation (NFV) BoF

Ähnlich wie Network Function Virtualisation (NFV) BoF (20)

Mehr von APNIC

Mehr von APNIC (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Network Function Virtualisation (NFV) BoF