cloud meets networks - technische universität … function chains – first step towards sdn ......

Cloud Meets Networks Key for Innovations and Efficiency

Walter Haeffner Vodafone Distinguished Engineer

24th International Conference on Field Programmable Logic & Applications

Munich, Germany; 4th September 2014

Vodafone Germany – a brief company overview

Product portfolio, some major engineering activities

Cloud meets networks – virtualizing the service edge

Short Introduction into Network Function Virtualization, Status at Vodafone,

Operational benefits of cloud technologies in general

Flexibility, scalability, drastic reduction in lead times, positive business case

Service Function Chains – First step towards SDN

Improved service creation features by means of Software Defined Networks

Cloud meets Networks Topics

Public - W. Haeffner VF-DE 2

Vodafone Germany Our Company at a Glance

Vodafone Germany

Mobile and fixed communication services

Consumer & enterprise product portfolio

About 10.500 employees

More than 37 Million customers

Turnover: approximately 9,6 billion €

Over 20% of profit of the Vodafone Group


Vodafone Germany Our Product Portfolio

Public - W. Haeffner VF-DE

Consumer Offers

Mobile access: GSM, UMTS/HSPA, LTE

Fixed Access: xDSL/QoS, CaTV, WiFi

Services: VoIP, Internet Services, TV, VoD

Enterprise Offers

Internet Access for ISPs (IPv4 and IPv6)

MPLS VPNs, Ethernet Services, QoS, Encryption, …

Voice, IN, IVRs, FMC, Mail, Web, FW, …

Wholesale Offers

xDSL services (suitable for triple play)

Mobile voice and data services

4

Vodafone invests significantly in LTE,

CaTV and fixed networks in general

Major Vodafone Germany projects:

Converged IP backbone and

backhaul for fixed and mobile

Migration of all GSM and UMTS

mobile networks towards All-IP

First Vodafone OpCo with LTE.

VoLTE field trials ongoing

Now Vodafone Germany is first

OpCo where clouds meet networks

Vodafone Germany Future-proofing our Business


Cloud meets Networks Service Edge is a critical Cost Factor


Network Data Center

IPTV back-end systems,

Web, Mail and News

platforms, charging,

subscriber databases

IP Backbone

IP and Ethernet

over WDM

Service Edge

EPC, BNG,

SBC, AAA,

DNS, PEP, FW

DPI, NAT, …

Access / Backhaul

Mobile, DSL, CaTV

access network for

Consumer and

enterprise

Service edge became very complex, hard to manage and expensive to maintain

Without network function virtualization (traditional view)

6

C3-Confidential

Cloud meets Networks Service Edge Problem Statement


Service Gateways VoIP DNS / ENUM / AAA Application Servers Routers, Firewalls

Typically every telecommunication service has its own service creation environment

Proprietary telco equipment like switches, routers, service gateways, firewalls, ......

X86-based middleboxes like DNS, AAA, SIP proxies, performance optimizers, ...

Since generations, scaling up network and service capacity is basically a box business

Upgrades and extensions very time consuming, typically months to years

No elasticity, unforeseen capacity demands often hard to realize in time

Introduction of new network services very time-consuming and expensive

Commercial service platform often SW on a supplier-preferred HW platform

Telcos have a tough time to compete with Internet Service Providers

7

http://images.bit-tech.net/content_images/2010/03/amd-opteron-6174-vs-intel-xeon-x5650-review/opteron6000.jpg

C3-Confidential

Service creation points are individual, dedicated proprietary telecommunication

systems with their typically extreme long development and deployment cycles

Cloud meets Networks IT Systems are much more modular than Telco Systems


Telecom Industry

Very long innovation cycles (years)

Network Operators (AT&T, BT, DT, VF, ...)

Proprietary OS Design

Proprietary HW Design

Software Applications

Proprietary

SW APIs

IT Industry

Very short innovation cycles (months)

Service Providers (Apple, Google, Facebook, ..)

Commercialized OS

Standardized Silicon

Software Applications

Standardized

SW APIs

8

http://www.ts-coach.com/blog/wp-content/uploads/2012/08/10893972_l.jpg

C3-Confidential

Cloud meets Networks Since Years IT improves Economics with Virtualization Technology


Virtualization Layer

Virtual Switch

Application

OS Storage

Application

OS Storage

Application

OS Storage


Application

OS Storage

Application

OS Storage

Application

OS Storage

Application

OS Storage

Application

OS Storage

Application

OS Storage

Application

OS Storage

Application

OS Storage

Larger Computer Center

based on Standard Blade Servers

Much more Virtual Machines

than Physical Servers

9

C3-Confidential

Cloud meets Networks Porting the Service Edge into the Telco Cloud



10

Typically every telecommunication service has its own service creation environment

Proprietary telco equipment like switches, routers, service gateways, firewalls, ......

X86-based middleboxes like DNS, AAA, SIP proxies, performance optimizers, ...

Since generations, scaling up network and service capacity is basically a box business

Upgrades and extensions very time consuming, typically months to years

No elasticity, unforeseen capacity demands often hard to realize in time

Introduction of new network services very time-consuming and expensive

Commercial service platform often SW on a supplier-preferred HW platform

Telcos have a tough time to compete with Internet Service Providers

Individual proprietary system platforms removed – functionality ported into Telco Cloud

Standard Blade Server Hardware as Platform for Virtual Machines

And don’t forget


C3-Confidential

Cloud meets Networks Porting the Service Edge into the Telco Cloud



11

Standard Blade Server Hardware as Platform for Virtual Machines

And don’t forget

Individual proprietary system platforms removed – functionality ported into Telco Cloud


Telco Cloud

Network Cloud Center

Cloud meets Networks Network Function Virtualization will help to reduce Life Cycle Costs


IP Backbone Access / Backhaul

With network function virtualization (the final view – so far)

Many service edge systems

virtualized to run in a

common Telco Edge Cloud

All server-based service

platforms, OSS and BSS

are migrated into a Cloud Center

12

Cloud meets Networks Paradigm Changes with Network Function Virtualization

13 Public - W. Haeffner VF-DE

Replaces box business by software license business.

Opens market for innovation.

Easier operational handling.

SW runs on a virtual machine and therefore is movable.

Commercial (e.g. VMware, Microsoft) or

public domain (e.g. Linux/KVM) platform.

Of the shelf servers.

Only one platform to manage.

Business case: more virtual servers than physical servers.

Of the shelf high volume storage.

Off the shelf Ethernet switches.

Virtual Machines


above bare metal

Commodity Server

Hardware

Storage

Cloud Center Switching

Highest availability of HW and Software: 99,999% (5 min / year)?

Characteristics of telco data plane and control plane traffic supported?

Quality of Service (QoS) with respect to IP and Ethernet transport?

Sufficient throughput comparable to ASIC-based network elements?

Should we always (try to) virtualize/emulate silicon-based features?

Cloud meets Networks Is an out of the Box System ready for virtualized Telco Environments?


Cloud meets Networks NFV and SDN Application Domains in Carrier Networks


Network Core

Simple, just MPLS forwarding

SDN not required

Network

Edge

Network Edge

• keeps all the intelligence

• Could be fully realized in SW

(virtualized data centers)

• Well, could become expensive

Data Centers

• Hypervisors include

many virtual switches

Network Centers

• Include many

middleboxes

• Could be fully

virtualized Firewalls, Proxies, Optimizers,

Load Balancers, DPI,

Intrusion Detection, ….

is data plane functionality

SDN

• Traffic Engineering

• Access Control

• VPN creation (isolation)

• Other connectivity services

Other potential

SDN domains

Only global functionality

Cloud meets Networks Interrupts may become potential Bottlenecks within Virtualized Platforms


External IRQ causes eight exits and enters before guest VM is allowed to restart stalled process:

Guest System

Host System

Running ISR Running

Running Running

VM exit

Host enter

VM enter

Host exit

VM exit

Host enter

VM enter

Host exit

External Interrupt Request (IQR)

VM: Virtual Machine

ISR: Interrupt Service Request

Source: Wind River, Intel: HIGH PERFORMANCE, OPEN STANDARD VIRTUALIZATION WITH NFV AND SDN

Achieving near-real-time performance in SDN and NFV requires to solve some main issues.

Cloud meets Networks Interrupts may become Bottlenecks in Telco Applications


Mobile base stations I/O intense systems hundreds to thousands of IRQs per second.

Similar, Mini Cloud virtualization layer must handle thousands of interrupts per second.

Thousands of IRQs per second serious impact on quality of telco services ( delay, jitter).

E.g. Wind River /Intel claims to reduce the typical interrupt latency from between

300 and 700 μsec to sub-20 μsec, (close to near-native performance) by using

Wind River Open Virtualization Profile Carrier grade RT-Linux kernel, high priority guest VMs

Virtualized Packet GW (EPC)

Virtualized Baseband Unit

(running in a Mini Cloud)

Remote

Radio Head

Telco Edge Cloud


Cloud meets Networks Intel Data Plane Development Kit (DPDK) reduces Latency significantly


Message signaled interrupt (MSI) latency of

an out-of-the box version of KVM and Linux

measured over thousands of interrupts,

In this virtualized environment, some

interrupts had latencies exceeding 600 μs

and the average was around 25 μs.

System with Wind River Open Virtualization

Profile. The maximum interrupt latency was

less than 14 μs and the average was about

8 μs. This represents a more than 40 times

improvement in the worst-case latency of

the non-optimized case.


Cloud meets Networks Intel Data Plane Development Kit : Virtual Machine gets direct Access to phyNIC

19

Virtual

Appliance

Virtual

Appliance

Virtual

Appliance

Virtual

Appliance

Virtual

Appliance

Virtual

Appliance

Intel DPDK

Environment Abstraction Layer

Environment Abstraction Layer Linux

Kernel

Intel DPDK

Environment Abstraction Layer

Hardware

user space

kernel space

No nondeterministic

behavior and overhead

of virtualization layer

and Linux kernel


Cloud meets Networks Lot of tweaking necessary for virtualized Network Functions


6WIND extended Intel’s DPDK

IPSec acceleration

Crypto acceleration

Virtualization enhancements

Virtualization enhancements include

I/O Virtualization (IOv)

bypassing virtual switch,

shortcut between VM and phyNIC

Virtual NIC (vNIC) Driver

for east-west traffic via vSwitch

VM to VM (VM2VM) driver

direct VM-to-VM communication

bypassing vSwitch (highest throughput)

Virtual Machine

Virtual

Appliance

Operating

System

Virtual Machine

Virtual

Appliance

LINUX

6WIND

Intel DPDK

Virtual Machine

Virtual

Appliance

LINUX

6WIND

Intel DPDK

Virtual Switch

Hypervisor

phyNICs

VM2VM

vNICs

IOv

Source: Whitepaper from www.6wind.com

Cloud meets Networks Today a single x86 Xeon now makes up to 80 Mpps


Intel Xeon

E5645

2 sockets

6x 2,4 GHz

Intel Xeon

E5645

1 socket

6x 2,4 GHz

Intel Xeon

E5-2600 v3

1 socket

8x 2,0 GHz

80 Mpps

35.2 Mpps

12.2 Mpps Native

Linux

Stack

Intel

DPDK

in Linux

user

space

Intel

DPDK

in Linux

user

space

Intel

DPDK

in Linux

user

space

Intel

DPDK

in Linux

user

space

2010

2010

2014

Reference Platform

Quad Intel® Xeon® Processor

E5-2600 v2 Series at 2.8 GHz

64 GB RAM

20 x 10G Ethernet ports

IP Forwarding: 10 Mpps per core,

up to 228 Mpps using 40 cores

Performance scales linearly with

number of cores configured to run

the 6WINDGate fast path

Performance is independent of

packet size

Cloud meets Networks 6WINDGate reported up to 226 Mpps independent on Packet Size


Source: Whitepaper from www.6wind.com

Session Boarder Controllers connect

external with internal networks.

SBCs include a Back-to-back user

agent, Firewall, NAT/PAT, ...

Very often used to secure and support

internal VoIP networks and platforms.

Split signalling (SIP) from voice data.

Hardware SBCs include a network

processor, a DSP for voice and fax

transcoding, a x86 CPU for signalling.

Cloud meets Networks Virtualizing ASIC-based Features


SIP signaling, protection, NAT:

in fact often already done on x86.

SIP encryption (SIP over TLS):

Network processors or x86 CPUs

may do the job easily.

Data layer throughput (RTP stream of

small voice IP packets): Today no

issue at all with Intel DPDK.

Media layer handling the voice

stream, voice and FAX transcoding:

SBC

sessions

Transcoding

< 5% of sessions

Transcoding

> 5% of sessions

Few hundred Good fit for vSBC Good fit for vSBC

Thousands Good fit for vSBC Bad fit for vSBC

Source: AudioCodes, April 2014

Highest availability of HW and Software: 99,999% (5 min / year)?

For sure. Feasible for HW and SW. Standard by now.

Characteristics of telco data plane and control plane traffic supported?

Not out of the box. Requires mods in operating system and virtualization layer.

Quality of Service (QoS) with respect to IP and Ethernet transport?

Typically, vSwitches, vRouters support L2 & L3 DSCP marking and basic QoS.

By today, “real” QoS with multiple queues still silicon-based.

Sufficient throughput comparable to ASIC-based network elements?

Up to 100, ...200 Gbps feasible and reasonable with virtualized systems.

But virtualization of large routers (2 – 4 Tbps per shelf) not feasible by now.

Should we always (try to) virtualize/emulate silicon-based features?

Depends pretty much on the use case. Extensive use of e.g. DSPs may

exclude virtualization of a hardware device.

Cloud meets Networks Is an out of the Box System ready for virtualized Telco Environments?


Cloud meets Networks Keep your Objectives feasible


virtualized Telco Cloud

on x86 Architecture x86-based

server systems

network elements

with “large brain and

less muscles”

network elements

with “small brain and

big muscles”

stay with silicon-based

physical boxes

Specialized ASICs

hard to map on x86


Cloud meets Networks Our Three Year Network Engineering Telco Cloud Program

Accelerate network and service deployments by

Telco Edge Clouds & SDN technologies:

Short Term: Move all middleware and server-based

functionality into unique Telco Edge Cloud

(Focus fixed and mobile VoIP infrastructure).

Mid term: Mobile Packet Core, Internet platforms,

NMS/OSS, virtual CPEs, self service portals.

Design and deploy orchestration platform.

Long Term Objectives with focus SDN:

Management of virtual LANs

Service creation platform for Gi-LANs

Flexible and fast provisioning of mobile backhaul links

Cloud meets Networks Virtualized Voice Services for Fixed and Mobile –Field Trials ongoing


VAS Service Chains vEPC VoLTE Fixed VoIP

VCE vBlock

*Target: one VoIP Platform (based on our VoLTE solution) for Mobile, DSL, TV Cable or FttH

Cloud meets Networks Paradigm Shift: From centralized to decentralized Mobile Network Platforms

Local Management

Platform

Central Management

Platform

Flexible capacity scaling for

all virtualized network apps

New IT-like deployment model

for new services

Increased redundancy

Uniform and standardized HW

(compute, storage, switch)

Network function shifts possible

between locations

Lower latency through closeness

to network edge

Run regional apps for specific

customers (e.g. enterprise)

Higher complexity and new

service assurance models


Cloud meets Networks Benefits already seen

Lower costs – Network will utilise

cheaper due to general purpose

standard hardware

Faster time to market – standard

HW deploys faster. And it’s just SW

deployment once cloud platform is

in place.

Better performance – NVF ensures

elasticity (network can automatically

adapt to resources required)

Improved quality – automatic

provisioning reduces manual

configuration errors


C3-Confidential

Cloud meets Networks First vEPC Implementations appeared

30

VCE vBlock

Core capacities can be scaled with

much better flexibility

Enabler for new resilience schemes

and increased site redundancy

vEPC

Internet

Walled Garden


http://www.beyond-print.de/wp/wp-content/uploads/2013/04/internet-netz-welt_Fotolia_40589165_XS.png

Cloud meets Networks Business Case for Telco Cloud very attractive

Considered TCO for eight services

Telco Edge Cloud business case

25 % to 45 % CAPEX savings over

the next 5 years

30% to 60% OPEX reductions over

the next 3 years

IMS TAS NGN IVR

IN TDM EPC DNS

31 Public - W. Haeffner VF-DE

Cloud meets Networks Service Function Chains manage network traffic and service policing


Mobile network operators need to implement a complex array of single- (or few-) function

devices ( a.k.a. SFC) to control data traffic such that they can achieve their business goals.

Internet

PGW

Router

Router

IP Backbone

Access

protect network & privacy – FW, IDS, ACL, ...

optimize transport & payload – TCP Opt., Video Opt., ...

functions required for technical reasons – GC-NAT, DPI, LB, ...

merge signaling information into data flow - HTTP header enrichment, ...

network-based value added services – parental control, malware protection, ...

LAN(s) with Service Function Chains

Walled Garden

Services

Cloud meets Networks Service Chaining will allow flexible Service Composition

33

Composition of services will be enabled

by Network Function Virtualisation

Users (or groups of users) can have

individual service chains

Service Chains

example


Cloud meets Networks Not only Servers but also Switches become virtualized


Virtual Switch

Virtual Switch

SF1

SF1

SF1

SF1

SF2

SF2

SF3

SF3

SF3

SF4

SF4

Service Chain Blue: SF1 – SF3 – SF4

Service Chain Red: SF1 – SF2 – SF4

Cloud meets Networks Simplified and flexible Service Chain Set-up based on SDN Technologies


1 2 4

3 5

6

• Create Service Function Topology • Define Branching Conditions

(Business Rules) graphs uni- or bidirectional

SDN Compiler translates automatically abstract Service Function Chain into a physical Network Configuration

Mediation Device (Openflow, OVSDB, Netconf, LISP, ...)

S4 S5 S6 • Forwarding Topologies for multiple service chains.

• Branching rules in services

1 Abstract service

Abstract link

S1 (virtual) service function

(virtual) forwarding device Physical Layer

1 3 6

S1 S2 S3

Cloud meets Networks Define Forwarding in an abstract topological Service Function Graph


SFP-2

SFP-1

SFP from to

SFP-2 class SF-1

SFP-2 SF-1 SFF-2

SFP-1 class SF-1

SFP-1 SF-1 SF-2

SFP-1 SF-2 SFF-2

SFP from to

SFP-2 SFF-1 SF-6

SFP-2 SF-6 SF-7

SFP-2 SF-7 SFF-3

SFP-1 SFF-1 SF-3

SFP-1 SF-3 SFF-3

SFP from to

SFP-2 SFF-2 SF-4

SFP-2 SF-4 SF-5

SFP-2 SF-5 exit

SFP-1 SFF-2 SF-4

SFP-1 SF-4 SF-5

SFP-1 SF-5 exit

Classifier

SF-1

SF-3

SF-4 SF-7 SF-6

SF-2

SF-5

Control and

User Plane

Metadata

IP User Data Metadata .....SFP... Transport Header

New NSF Header

flow is from P-GW to data source

and from data source to P-GW

SFF-1 SFF-2 SFF-3

Classifier is

always first

element

traversed by

an IP packet

NSF: Network Service Function

SFF: Service Function Forwarder

SFP: Service Function Path

P-GW: LTE Packet Gateway

Cloud meets Networks Map topological Forwarding onto physical Underlay Network using SDN


SFP-2

SFP-1

Classifier

SF-1

SF-3

SF-4 SF-7 SF-6

SF-2

SF-5

SFF-1 SFF-2 SFF-3

Topological SFP Table

SF Attachment Table

Underlay Tunnel Table

SFP-Instance

SDN Controller

OVSDB Openflow

Service Function Chain

Compiler

Map onto Flow Tables

Cloud meets Networks Service Function Chaining is going to be Silicon-based


IP User Data Metadata .....SFP... Transport Header

New NSF Header

First Network Processors soon will be able to process not only L2 (Ethernet) and L3 (IP)

but also Network Service Function Header which is going to be defined by IETF SFC-WG.

If you like to know more details, google for Cisco ACI (Application Centric Infrastructure) .

Cloud meets Networks Summary


Network Function Virtualization permits by now unseen scalability and elasticity.

NFV and Cloud technologies enables us to reduce CAPEX and OPEX

significantly in the respective application domains of the network edge.

NFV offers the potential to reduce implementation lead times from weeks

and days to hours and minutes.

Virtualization of Fixed and Mobile Voice Infrastructure (NGN, VoLTE) is already

in place at Vodafone-DE and ready to support full national coverage.

Further applications specially from the mobile core (EPC, DNS, AAA, ...)

are currently going to be virtualized.

Most complex task will be the specification and implementation of the

corresponding IT-based orchestration system for the combined management

of virtualized computing resources and network functionality.

Cloud meets Networks


cloud meets networks - technische universität … function chains – first step towards sdn ......

Documents