10/9/2014
1
Christos Kolias
Orange Silicon Valley
NFV
for a Software-Centric Network
IEEE ComSoc SVC
Santa Clara, October 2014
2
BRAS
FirewallDPI
CDN
Tester/QoE
monitor
WAN
AccelerationMessageRouter
Radio/Fixed Access
Network Nodes
CarrierGrade NAT
PE RouterSGSN/GGSN
The NFV Concept & Vision
Classical Network Model:Hardware Appliances
Classical Network Model:Hardware Appliances
� Network Functions are based on specialized hardware
� One physical node per role. Physical install per site
� Static. Hard to scale up & out
� Inefficient: sized for peak loads or cannot handle spikes
Session BorderController
standard servers, storage, switches
The New Network Model:Virtual Appliances
The New Network Model:Virtual Appliances
Orchestration & Automation
� Network Functions are SW-based
� Multiple roles over same HW. Remote operation
� Dynamic. Extremely easy to scale
� Scalable number of VMs
EPC
10/9/2014
2
3
Fields of Application
• Mobile networks:� HLR/HSS, MME, SGSN, GGSN/PDN-
GW, eNodeB, vEPC
• NGN signalling: � SBCs, IMS
• Switching elements:� BNG, CG-NAT, routers
• Home environment: � home router, set top box, picocell
• Application-level optimization: � CDNs, Cache Servers, Load Balancers,
Application Accelerators
• Security functions � Firewalls, virus scanners, intrusion
detection systems, spam protection
• Tunnelling gateway elements: � IPSec/SSL VPN gateways
• Converged and network-wide functions: � AAA servers, policy control and charging
platforms
• Traffic analysis/forensics: � DPI, QoE measurement
• Traffic Monitoring:� Service Assurance, SLA monitoring, Test
and Diagnostics
4
� EVA principle: elasticity, velocity, agility + scaleability
‒ Flexibility to easily, rapidly, dynamically provision and instantiate new services
in various locations (i.e. no need for new equipment install)
‒ Increased speed of time-to-market by minimising the typical network operator
cycle of innovation. More service differentiation & customization. Great for
BC/DR.
‒ Improved operational efficiency by taking advantage of a more homogeneous
(physical) network platform
� Reduced equipment costs through equipment consolidation, leveraging
the economies of scale. Eco-friendly.
� Reduced operational costs: reduced power, reduced space, improved
network monitoring
� Software-oriented innovation (including Open Source) to rapidly
prototype and test new services
� IT-oriented skillset and talent (readily available in global geography,
flexible). Convergence of IT & NetOps.
NFV: a Value Proposition
10/9/2014
3
5
ETSI NFV ISG
• Launched November 2012. First plenary January 2013
• 37 Tier-1 global operators/carriers
• > 230 member organizations
• 4 WGs, 2 EGs
• 4 specs published (Oct. ‘13) : architectural framework, virtualization
requirements, use cases, terminology
• 25 POCs
• Quarterly face-face meetings, 7 so far, next in Arizona, Nov. 2014
• 15 work items; 2 white papers (authored by operators, not ETSI)
• Tens of individual contributors and hundreds of contributions
• Working on Phase II
• www.etsi.org/nfv
ComputingHardware
StorageHardware
NetworkHardware
Hardware resources
Virtualisation Layer
Virtualised
Infrastructure
Manager(s)
VNF
Manager(s)
VNF
OSS/BSS
NFVI
VNF VNF
Execution reference points Main NFV reference pointsOther reference points
Virtual Computing
Virtual Storage
Virtual Network
EMS EMSEMS
Service, VNF and Infrastructure Description
Or-Vi
Or-Vnfm
Vi-Vnfm
Os-Ma
Se-Ma
Ve-Vnfm
Nf-Vi
Vn-Nf
Vl-Ha
Orchestrator
NF
V M
AN
AG
EM
EN
T &
OR
CH
ES
TR
AT
ION
VNFs
The E2E Reference Architecture
10/9/2014
4
7
� Network Functions Virtualisation Infrastructure as a Service (NFVIaaS)
‒ Network functions go to the cloud
� Virtual Network Function as a Service (VNFaaS)
‒ Ubiquitous, delocalized network functions
� Virtual Network Platform as a Service (VNPaaS)
‒ Applying multi-tenancy at the VNF level
� VNF Forwarding Graphs
‒ Building E2E services by composition
An E2E View: Architectural Use Cases
NVFIaaS Example
8
� Mobile core network and IMS
‒ Elastic, scalable, more resilient EPC
‒ Specially suitable for a phased approach
� Mobile base stations
‒ Evolved Cloud-RAN
‒ Enabler for SON
� Home environment
‒ L2 visibility to the home network
‒ Smooth introduction of residential services
� CDNs
‒ Better adaptability to traffic surges
‒ New collaborative service models
� Fixed access network
‒ Offload computational intensive optimization
‒ Enable on-demand access services
An E2E View: Service-Oriented Use Cases
10/9/2014
5
9
Virtual Network Functions Forwarding Graph
� Provides logical description of interconnecting the VNFs and traffic flow between them (aka Service Chaining)
� Nested FGs a possibility
� Need for new visualization & monitoring tools
10
� www.etsi.org/nfv-poc
� ETSI NFV PoC Zone @ SDN & OpenFlow World Congress (Oct. ‘14)
NFV POCs Proof-of-Concept Participants
CloudNFV Open NFV Framework Project Telefonica, Sprint, 6WIND, Dell,
EnterpriseWeb, Mellanox, Metaswitch,
Overture Networks, Qosmos, Aeroflex
Service Chaining for NW Function Selection in Carrier Networks NTT, Cisco, HP, Juniper Networks
Virtual Function State Migration and Interoperability AT&T, BT, Broadcom, Tieto
Multi-vendor Distributed NFV CenturyLink, Certes, Cyan, Fortinet, RAD
E2E vEPC Orchestration in a multi-vendor open NFVI environment Telefonica, Sprint, Intel, Cyan, Red Hat, Dell,
Connectem
Virtualised Mobile Network with Integrated DPI Telefonica, Intel, Tieto, Qosmos, Wind
River, HP
C-RAN virtualisation with dedicated hardware accelerator China Mobile, Alcatel-Lucent, Wind River,
Intel
Automated Network Orchestration DT, Ericsson, x-ion, DT Innovation Labs
VNF Router Performance with DDoS Functionality AT&T, Telefonica, Brocade, Intel, Spirent
NFV Ecosystem Telecom Italia, DigitalWave, SunTec, Svarog,
Telchemy, EANTC
Multi-Vendor on-boarding of vIMS on a cloud management framework Deutsche Telekom - Huawei Technologies -
Alcatel-Lucent
Demonstration of multi-location, scalable, stateful Virtual Network Function NTT, Fujitsu, Alcatel-Lucent
SteerFlow: Multi-Layered Traffic Steering for Gi-LAN Telefonica, Radware, HP, Mellanox
ForCES Applicability for NFV and integrated SDN Verizon, Telefonica, Mojatatu Networks,
Cumulus, Univ. of Patras
Subscriber Aware SGi/Gi-LAN Virtualization Telenor, ConteXtream, SkyFire, Guavus,
Redhat, HP
NFVIaaS with Secure, SDN-controlled WAN Gateway AT&T, Telecom Italia, Netronome, Intel,
ServiceMesh, PLUMgrid, Cisco
Operational Efficiency in NFV Capacity Planning, Provisioning and Billing BT, MetraTech, Huawei
VNF Router Performance with Hierarchical Quality of Service Functionality Telefonica, BT, Brocade, Intel, Spirent
10/9/2014
6
Creates competitive supply of innovative applications by third parties
Strategic Networking Paradigms
• NFV and SDN are highly complementary, they are mutually beneficial but not dependent on each other.
• Software is common denominator
Creates abstractions to enable faster innovation
Software
Defined
Networking
Leads to agility, Reduces CAPEX, OPEX,
Network
Functions
Virtualisation
Open
Innovation
12
� What should be open? ‒ Open Source (software)
‒ Open Design (hardware)
‒ Open Standards
‒ Open Interfaces, APIs (plugins)
‒ Open SDKs
� Open Community (not controlled by single vendor)
� Decoupling of software and hardware. Programmable network functions
� Benefits‒ modularization: best of breed, flexibility
‒ customization (mix & match)
‒ reduced costs
‒ easy to upgrade, no vendor lock-in
Open Networking & NFV
Network Operating System
Application / Tools / Services
Hardware (switch/server))
Virtual Switch
API
APIAPI
API
10/9/2014
7
13
� Issues: ‒ (harmonious) integration and consistency
‒ for operators: carrier-grade (HA & five 9s, DR/BC, SLAs, reliability)
‒ security, testing & interoperability, certification, licensing, regulation
� Creating a sandbox of open source tools would be ideal
� Open VNFs
‒ Open-sourced firewalls, load balancers, DPI
� Emergence of virtual switches and routers as vital block elements
� Disaggregation of switch hardware/software supports
‒ dynamic/programmable QoS (selective per application/user/virtual network, etc)
‒ monitoring/analytics tools
‒ run many NOS on same system (group of physical/virtual ports)
14
� SDN can play a key role in the orchestration of the infrastructure (physical, virtual)
‒ Provisioning and configuration of VNFs
‒ Allocate and manage resources (e.g., bandwidth)
‒ VM mobility
‒ Automation & programmability
‒ Security & policy control
‒ Centralized network control. Unified control & management plane?
� Service composition (NFV Forwarding Graphs)
‒ Directing traffic flows to VNFs
‒ Traffic flow characterization very important (especially for mobile, E2E scenarios)
� An SDN controller could be a VNF or part of service orchestration (NFV’s M&O)
NFV+SDN
10/9/2014
8
15
� NFV creates a very dynamic environment
‒ SDN can present an overall logical view, map
‒ SDN’s programmability is key aspect (i.e., for automation)
� Ad-hoc, on-demand, secure virtual tenant networks
� Extend M&O to include Network Management
� SDN could enable and accelerate the virtualization of the network and the “cloudification” of the carrier (COs/PoPs become DCs)
� Challenges in “dovetailing” SDN with NFV
‒ Hybrid virtualized/non virtualized environment
‒ Mixed SDN/non-SDN (legacy) network elements/domains
‒ SDN across NFV boundaries
‒ NFV across SDN boundaries (this may require some sort of SDN federation)
NFV and SDN together can create greatest value
Apps Apps Apps
APIs
Computing
Hardware
Storage
Hardware
Network
Hardware
Hardware resources
Virtualisation Layer (ODL, NSX, OVX, …)
NFV Infrastructure (NFVI)
Virtual Computing Virtual Storage Virtual Network
MANAGEMENT
&
ORCHESTRATION
Virtual Network Functions (VNFs)
VNF VNF VNF
Apps
SDN-based NFV
Interfaces, ProtocolsSDN Controller
OpenStackNeutron
10/9/2014
9
17
Service Composition & Service Insertion
� Policies determine the chain order (eg. OF rules): define your own chain!
� Use of metadata, tags as application/flow descriptors.
� Use
‒ Tunnels/overlays, eg., VxLAN for creating paths‒ SDN controller for directing traffic
� Virtual networks for multi-tenancy and traffic isolation (virtualizing the virtual appliances…)
vCDNvDPIvLBvFW vADC
vDPI vCDN
physical
switch
vSwitch SDN Controller
18
� Programmable Service Chains
‒ Branching‒ Loops‒ Parallelism‒ Nests/recursion
� Pipelined Service Chains
� Virtual switches are key functional blocks
‒ Statefull/stateless
‒ Redundancy/DR
‒ Performance guarantees (delay, bandwidth)
� Languages/structures for describing service chains
‒ Describing forwarding behaviour
‒ Accounting for constraints (e.g., security)
� Building service chains for NaaS
10/9/2014
10
19
Mapping to Open Source communities
NFVI NFV M&O
Hardware Resources
ComputingHardware
StorageHardware
NetworkHardware
Virtualization Layer
Virtual Compute Virtual StorageVirtual Network
VNF VNF VNF
EMS EMS EMS
OSS / BSS
Service, VNF &
Infrastructure
Description
VirtualizedInfrastructure
Manager
Orchestrator
VNFManagers
VNF
OpenStackCloudStack
KVMXEN, LXC
new forgeneric VNFs Open Daylight
ONOS, ONF
DPDKODP (Linaro)
OCP
OpenStackCloudStack
20
� Open Platform for NFV (OPNFV): collaborative (vendor/carrier) community supported by Linux Foundation to accelerate the evolution and adoption of NFV
� Launched September 2014. Already 40 members. www.opnfv.org
� Scope: NFV Infrastructure (NFVI) and Virtualized Infrastructure Management (VIM)
Open Platform for NFV
� Goals‒ Create a carrier-grade open source platform for integration, testing and
validation‒ Build new open source components‒ Use open implementations to drive an open standard and open
ecosystem for NFV solutions‒ Develop code for E2E solutions
� Benefits
‒ Faster solutions (time-to-market)‒ Lower development cost‒ Feedback to ETSI ISG NFV
10/9/2014
11
21
� APIs: important for plug-n-play, especially for open platforms
� Google, FB, Microsoft, eg. WebRTC
� They can enable plethora of innovative (eg, ad-hoc/customized) services and lead to new business models for the telcos
‒ Monetization opportunities (eg., consumers, enterprise, VNOs, etc)
� SPs: From function/service-based to app-based models
‒ Deploy resources (including VNFs on-demand) as an app/user needs them
‒ Example: different mobile apps may require different connectivity mode (4G, WiFi, multiple WiFis, etc)
‒ Example: customer-tailored, brokerage-based services (eg., VoIP calls)
‒ Managed services (the evolution of VPNs)
� Integrate (network and business) intelligence: write your own VNF!
The Role of APIs
� Smart mobile devices and IoT will precipitate the adoption of APIs for telco Apps
22
Load Balancer
WAN Acceleration
DPI
Switch
Firewall
Load Balancer
WAN Acceleration
DPI
Switch
Firewall
Load Balancer
WAN Acceleration
DPI
Switch
Firewall
Infrastructure today
Collection of heterogeneous networks(with lots of duplication)
10/9/2014
12
23
FW LB DPI OSV SDN CTR
FW LB DPI OSV SDN CTR
FW LB DPI OSV SDN CTR
VM VM VM VM VM
VM VM VM VM VM
M&O
NV
SDN CTR
EMS
OVS
NFV removes the physical boundaries and constraints in your infrastructure
24
� Goal: engage researcher centers/labs, academia in NFV (alongside with industry) to encourage new research and teaching courses
� Potential topics:
• Service Chaining & Service Insertion algorithms & protocols. Optimization mechanisms
• NFV Orchestration algorithms
• NFV Controllers. SDN Controllers for NFV
• Abstractions for carrier-grade networks & services (imperative/declarative programming languages)
• Traffic steering/dispatching
‒ Pure virtualized environment
‒ Hybrid (virtualized/non-virtualized) environment
• Consolidation of VNFs & Multipurpose VNFs
• Nested VNFs algorithms
• Security
NFV Research & Education
10/9/2014
13
25
• Performance studies, e.g.,
‒ Resources requirements
‒ Latency & locality in software implementation
‒ Optimization techniques
‒ System bottlenecks
‒ Portability
• Cost (Benefit) Analysis studies
• BC/DR: fault-tolerance, resilience, redundancy
• NFV system configuration patterns
• Complexity of NFV systems
• Energy Efficient NFV architectures
• Service Assurance
‒ Tests & diagnostics (eg, fault isolation, fault-correlation‒ Predictive analytics (e.g., fault prediction)
• New VNFs, new network architectures, new topologies
• NFV Federation
• E2E Architecture
• Open Source collaborative projects
• Cross-disciplinary research, domain cross-pollination
26
SmartEPC: NFV+SDN PoC @ OSV (Net2 Studio)
• Easier to integrate SDN-based solutions, such as “smart traffic
offloading”‒ Offload traffic based on various & different criteria (e.g., per customer, traffic)
‒ Embed OF agents in VNFs (running on VMs)
• Better management of EPC. Mobile flow characterization
• Does not require vendor to make drastic changes Orange Silicon Valley
ANDSF
Evolved Packet Core
SDN CTRL