The NFV Way: It Ain’t Carrier-Grade Cloud
Diego R. Lopez
Telefónica I+D
March 2014

The NFV Concept

Network functions are fully defined by SW, minimising dependence on HW constraints.

[Figure: virtual network functions (DPI, GGSN/SGSN, CG-NAT, BRAS, Firewall, PE Router) labelled FUNCTION, running on common HW (servers & switches) labelled CAPACITY]

DISCOVER, DISRUPT, DELIVER

NFV-based Target Service Provider Network

• The target is a simplified, less expensive service provider network
• From hardware-based networks to software defined, virtualized ones
• Service level functionality should be implemented largely in software
• The network infrastructure consists of low unit cost COTS network elements: servers, packet optical transport, data center switches and storage
• Leverage low cost per unit to provide bandwidth expansion and increasing range of services
• Use distributed storage instead of expensive routing and transport to deliver popular, high volume content
• Use software-based service delivery to be more responsive to new requirements from customers and market opportunities
• Automate management and provisioning to the greatest extent possible
• Leverage SDN for application-aware routing, and separation of packet forwarding from control to rapidly introduce new services and adapt to changing traffic patterns
• Network functions, caching, applications, enablers all run in virtualized distributed data centers
• IP & transport infrastructure still used as necessary in optical backbone and Internet

The NFV Framework

[Figure: an E2E Network Service between two End Points; Network Service logical abstractions (VNFs joined by logical links); VNF instances (SW instances); NFV Infrastructure made of Virtual Resources (Virtual Compute, Virtual Storage, Virtual Network), a Virtualization Layer (virtualization SW) and HW Resources (Compute, Storage, Network). VNF: Virtualized Network Function]

The NFV Reference Architecture

[Figure: OSS/BSS; Orchestrator; Service, VNF and Infrastructure Description; EMS 1, EMS 2, EMS 3; VNF 1, VNF 2, VNF 3; VNF Manager(s); Virtualised Infrastructure Manager(s); NFVI (Virtual Computing, Virtual Storage, Virtual Network, Virtualisation Layer, and hardware resources: Computing Hardware, Storage Hardware, Network Hardware). Reference points shown: Os-Ma, Se-Ma, Or-Vnfm, Ve-Vnfm, Or-Vi, Vn-Nf, Vi-Vnfm, Nf-Vi, Vl-Ha. Legend: execution reference points, other reference points, main NFV reference points]

It Ain’t Cloud Applied to Carriers

The network differs from the computing environment in 2 key factors…

1. Data plane workloads (which are huge!): HIGH PRESSURE ON PERFORMANCE
2. Network requires shape (+ E2E interconnection): GLOBAL NETWORK VIEW IS REQUIRED FOR MANAGEMENT

…which are big challenges for vanilla cloud computing.

AN ADAPTED VIRTUALISATION ENVIRONMENT IS NEEDED TO OBTAIN CARRIER-CLASS BEHAVIOUR

Cloud Computing vs NFV

CLOUD COMPUTING
1. PERFORMANCE BOUND TO CPU
2. AGGREGATED VIEW OF RESOURCES (CPU, memory, etc.)
3. ENDPOINTS: Applications need the OS
4. NODE-CENTRIC: Shapeless interconnection
5. MANY AND SMALL VMs

NFV
1. PERFORMANCE BOUND TO I/O & MEMORY ACCESS
2. NUMA VIEW
3. MIDDLEPOINTS: Data-plane network functions bypass the OS
4. NETWORK-CENTRIC: The network has a shape
5. FEW AND LARGE VMs

Internal architecture is relevant for guests

Redesigning Network Segments

[Figure: distributed data plane in LOCAL PoPs and centralized control plane in REGIONAL DATA CENTRES; Service Domain and Network Domain functions (vCDN, P-CSCF, Video, SDP, CSFB, vNGIN, Security, IMS, SRVCC, M/SMSC, EPC, BRAS, PE, DHCP, PCRF, DPI, CG-NAT, GGSN, DNS, UDB); HW and SW decoupling; Infrastructure: OS + HyperVisor on COTS HW, connected by MPLS/SDN/Optical networks]

PoPs and datacentres intra- and inter-communications will be critical to guarantee network service elasticity and network plasticity

With the Proper Balance between NFV & SDN

NFV: SW-defined network functions
• Separation of HW and SW
• No vertical integration - HW vendor ≠ SW vendor ≠ Mgmt vendor
• Once network elements are SW-based, HW can be managed as a pool of resources

SDN: Interconnecting Virtual Network Functions (a.k.a. backplane)
• Separation of control and data plane
• Easy orchestration with SW domain

[Figure labels: BNG CONTROL, CG-NAT POOL MGMT, Pool admin, Session mgmt, UPnP, IPv4 / IPv6, TR-069, DHCP, NAT, NAT ctrl.]

High and Predictable Performance is Achievable

[Figure: two charts, "What defensive Industry says (*)" and "What can be achieved doing things well (*)", comparing Bare Metal, VM, VM @vPoP and VM @Cloud for EXECUTION and MANAGEMENT. Labels: 80 Gbps per COTS blade, Acceptable performance, x10 GAP @Cloud]

(*) ETSI NFV Work Item “NFV Performance & Portability Best Practises”: DGS/NFV-PER001. Current version: v0.0.7 (stable draft – 15/10/2013)

NFV Current Targets: Virtual Residential CPE

Shifting network functions deployed in home environment to the network…

[Figure: Home environment (STB, Access Point, Switch, Modem) and Telco Network environment (Virtual CPE: UPnP, IPv4/IPv6, TR-069, DHCP, FW, NAT)]

• Simple, stable over time and cheaper customer premises equipment
• Quick and transparent migration to IPv6
• Service evolution and operation is supported inside telco network
• Monetize cloud and video services (virtual set top box)
• Monetize security and digital identity features

Live trial today. Commercial before end 2014.

MATURITY LEVEL: EXPLORE, PoC, TRIAL, DEPLOY

NFV Current Targets: Elastic DPI

[Figure: RAW USER TRAFFIC passing through an OF Switch in the SDN domain (OF Controller, OpenFlow) with a copy sent to the NFV domain for REAL-TIME ANALYSIS; metadata interface, xDRs, RELEVANT INFO and Security Alarms feeding CENTRALISED INTELLIGENCE (Deeper Network Big Data, other data); POLICY DECISIONS and MITIGATION returned]

• >80 Gbps line rate per server
• Stable signatures
• Flexible data analysis and signature upgrade
• Forensic analysis feasible.

MATURITY LEVEL: EXPLORE, PoC, TRIAL, DEPLOY

NFV Current Targets: SW BNG

BNG
• QinQ termination
• LPM Routing
• GRE tunnelling (reference for wholesale services)
• MPLS tunnelling
• 80 Gbps line rate switching per server

MATURITY LEVEL: EXPLORE, PoC, TRIAL, DEPLOY

NFV Current Targets: Enhanced Virtual Router

Leverage an open source routing project (Quagga) as a rich and widely tested protocol suite while assuring data plane performance

OPEN-SOURCE CONTROL PLANE (Quagga + Linux)
• Common routing protocols supported and extended by open source project.
• Well-known router command line.

OPTIMIZED DATA PLANE (DPDK-based)
• High-performance line-rate data plane.
• Running as separate process, does not lead to licensing issues.

MATURITY LEVEL: EXPLORE, PoC, TRIAL, DEPLOY

An Evolutionary Approach

• NFV implies a significant change for current network infrastructures
  - No zero-day approach is feasible
  - Avoiding disruptions
• Identify relevant use cases
  - Emerging services
  - Reuse of equipment still in amortization
  - Leverage on new planned elements in architecture
• Plan for phased deployments
  - Interworking with existing infrastructure
  - Not breaking current operational practice
• Take advantage of NFV advantages
  - Flexibility
  - Extensibility
  - Reusability

[Figure labels: Soft-Node, DS vCPE]