Network functions virtualization and software management

Ericsson White paper
Uen 284 23-3248 | December 2014
LEVERAGING THE FULL POTENTIAL WITH NETWORK SLICING
Network Functions Virtualization technology allows for easier creation and
expansion of separate logical nodes and functions for a specified group of traffic
and signaling, often referred to as a network slice. In turn, network slicing opens up
a new way of achieving in-service software management at the network level.
The purpose of NFV
Network Functions Virtualization (NFV) is commonly described as a network architecture concept
that uses IT virtualization technologies to virtualize entire classes of network node functions into
building blocks that may be connected or chained together to create communication services.
The initial interest in introducing NFV into telecom has, to a large extent, been driven by the
desire to decrease costs through the use of generic hardware platforms as well as the separation
of software and hardware lifecycles. This discussion has subsequently been combined with
promises of increased efficiency from the IT industry when running networking applications in
virtual machines within data centers.
As the discussion has progressed, it has shifted further towards efficient management and
improved time-to-market for new services.
Some of the most promoted benefits of NFV include:
›› Flexibility – easier and quicker installation and provisioning of the network, which
allows for more rapid service deployments.
›› Cost – the above-mentioned flexibility has the potential to lower costs for managing
services deployed in a network, as well as managing the network itself.
›› Scalability – introduction of software services allows for easier scaling of available
hardware resources. By scaling resource needs up and down over the course of the
day and expanding capacity over time or in reaction to extraordinary events, it would
be possible, for some use-cases, to increase the utilization of the equipment and allow
for more efficient use of investments in the installed compute power.
›› Security – security has been and continues to be, along with virtualization, a major
challenge in networking. Operators want to be able to provision and manage the
network in a secured manner, and NFV helps them achieve security and integrity
through separation and isolation (as long as the environment is secured).
›› Rapid deployment in another network – to better meet user needs, service providers want
the ability to deploy their offerings anywhere in the world. Virtualization simplifies this.
For NFV to become really useful, software-defined networking (SDN) technology is required.
SDN allows computer-network administrators to manage network services by hiding physical
deployments and presenting them as virtualized services. Network services also need to be
virtualized in order to reach the same level of flexibility and achieve the advertised simplifications
and gains of NFV. Without this, it is not possible to realize many of the promises of NFV in the
data center.
The introduction of SDN adds even more potential to NFV, as traffic no longer needs to be
steered based on IP addresses alone. With SDN technology, it can instead be handled on a
per-flow basis, which allows for fine granular control of the traffic, with service-chaining solutions
of subscriber policies serving as good examples. SDN may, of course, also be used to steer
which path to use when several functionally identical paths are available.
Network slicing
A logical instantiation of a network is often called a network slice. Network slices are possible to
create with both legacy platforms and network functions, but virtualization technologies substantially
lower barriers to using the technology, for example through increased flexibility and decreased costs.
Currently, management of networks is mostly about managing individual network elements. One
of the major ideas behind NFV is to automate management for the entire network so that complex
network-spanning tasks are easier to perform. Integration of different NFV components will still be
a complex task for the operator, but on the other hand NFV allows an entire network to be delivered
as a pre-integrated network slice.
Another aspect of management and network slicing is setting up separate management domains
for different network slices. This may allow for completely separate management of different parts
of the network that are used for different purposes. Examples of use cases include mobile virtual
network operators (MVNOs) and enterprise solutions. This kind of network slice would, in current
Evolved Packet Core (EPC) networks, only cover the PDN gateway (PGW) and the policy control
resource function (PCRF). However, for machine type communication (MTC) and machine-to-machine (M2M) solutions, it is likely that it would also cover the Mobility Management Entities (MMEs)
and Serving Gateways (SGWs).
Separation of management may also be expanded into security aspects. Separate management
per network slice, as described above, is a first step towards this, but by using network slicing it
would be possible to deploy virtual network functions (VNFs) in separate networks with separate
configuration and network topology. Add to this the potential to run VNFs on dedicated hardware,
which provides more predictable characteristics as well, and it is obvious that improved security
and improved quality of service assurance are also important aspects of network slicing technology.
When the operator sources a complete network slice from a single vendor, the vendor can deploy
a network optimized for a selected set of terminals according to policy and behavior. The network
slice may, for example, be resilient to hardware and software failures, or it may be optimized for
signaling intensive behaviors, such as in machine-to-machine terminals.
When a network slice covers only a part of the network
topology, it is called a sub-network slice, which indicates
that network slicing can also be hierarchical. The most
commonly used containment of network slices in EPC is
the PGW and PCRF in the same slice. Since the PGW
selects the PCRF and the Access Point Name (APN)
is used for PGW selection from the MME, the selection
mechanisms employed here are often already in use in
legacy networks. But with network slicing in the data center,
they are likely to be even more commonly used. It is also
likely that there will be dedicated PGWs and PCRFs for
many different deployments, both small and large.
Adding a SGW to the previous network slice of a PGW
and PCRF and thereby creating another level of network
slicing (while still supporting connections from other SGWs
to the PGW) is a solution that is of interest when co-located
SGWs and PGWs are used. As specified by 3GPP, the SGW
selection in the MME can take the selected PGW into
account.
Throughout this paper, virtualized EPC networks and
other mobile network solutions will be used as specific
examples, although the generic principles are just as
applicable to other scenarios such as fixed broadband
access, legacy platforms and other networking nodes.
Figure 1: Examples of network slices in an Evolved Packet Core deployment.
Using network slicing for software upgrades
Network slicing is not only used for simplifying the management of the network when running it with a static
function set. It also has the potential to make changes to the functionality realized by networking functions.
One of the more costly processes when managing an operator network is to upgrade networking
software. This process includes many complex and costly tasks, such as maintaining a parallel network
deployment for testing new software and configurations, including validation of compatibility of the different
software versions of different networking products. The process also includes validation of network
configuration changes and validation of features and properties added by the vendor, as well as running
the system to make sure that no issues are introduced in old functionality when upgrading the system.
Another aspect to consider is that the tests in the lab network do not correspond to the actual behavior
of the network in live operation. This real-world behavior might require rollback of an upgrade if issues
are identified.
With a complex network with many different network elements, the total time it takes to upgrade a
network can be as high as the total sum of upgrading all of the network elements one by one in a row.
This is often the limiting factor for adding functionality to a network.
If an operator is orchestrating management for data center functionality such as VNF scaling, it also
makes sense to use that particular management solution when handling software upgrades. If the
management solution is orchestrating a network slice, it also makes sense to upgrade the end-to-end
service per network slice as well. This is especially true if upgrades of the individual VNFs impact the
operation and maintenance (O&M) solution and perhaps also business systems such as charging and
event logging servers. This then drives an integration of O&M and business solutions.
Network slicing can drastically simplify the installation, validation and on-boarding of traffic for new
software versions and, at the same time, decrease risks, as the integration can be done in advance and
the on-boarding can also be done step-by-step while still evaluating the functionality. This has the potential
to reduce deployment time of a slice down to minutes, and validation down to hours. If something goes
wrong when activating a new network slice, the step-by-step migration is available for rollbacks as well,
minimizing the risk of impacting higher-prioritized active user sessions.
SETTING UP A PARALLEL NETWORK SLICE FOR VALIDATION
When adding new functionality to a network, the affected network elements must all be updated and
verified to support both the new and legacy functionalities. This is a complex integration activity that often
takes several months. To avoid problems with live networks, some of these activities are often performed
in a separate lab network that is used to verify new integration of products and configurations. This lab
network can then be seen as a separate slice of the operator’s network, even though it only has limited
connectivity to the rest of the network.
Network slicing allows operators to set up a lab network in parallel with the live network in the data
center environment. Here they may reuse parts of the network configuration for the live instance. By taking
a snapshot of the running configuration as a baseline for the new network slice, reconfigurations can be
kept at a minimum.
Test tools and other validation mechanisms can then be run on this network deployment without risking
the live network. When the network slice is fully tested, the same setup can be taken into live service as
it is already running in the same data center environment.
Other aspects of network slicing, such as security features and separate management, enhance this
solution even further.
CONNECT THE PARALLEL NETWORK TO THE TERMINALS
If the new software deployment works well in the lab environment, it is possible to add real terminals to
the setup. Depending on the networking setup, different identifiers may be of interest. As an example,
selection of APN in EPC can be used to select SGW and PGW. When applicable, steering based on the
International Mobile Subscriber Identity (IMSI) of an actual terminal, or even IMSI-series or PLMN-IDs,
can allow actual terminals to use the live radio interfaces. This allows further verification that is hard to
simulate in a test environment.
With real terminals in the network slice, the KPIs from these can be compared to KPIs from the live
network. For instance, if the functionality is to be the same after a software upgrade of the components
in a network slice, the KPIs should scale in the same manner, which makes this validation possible to
automate as well.
Figure 2: Load when migrating between network slices.
STEP-BY-STEP MIGRATION OF SESSIONS
Once testing with friendly users has been performed, a major advantage of network slices appears. As
the deployment is done on virtual resources, there are minimal obstacles preventing it from being set to
live service. The needed functionality is there, including scalability. The software deployment is therefore
ready to take into service. To do this, real user terminals need to start using the new network slice. With
the proper selection mechanisms in place – such as Domain Name System (DNS) for SGW and PGW,
and in the future Dedicated Core (DECOR) for MME, with PLMN-ID possibly used in some cases (for
example, for handling roamers differently) – this can be implemented in a finer and more granular way. By
first re-attaching terminals that have a low monthly subscription fee or are pre-paid to the new network
slice, the risk to subscribers that pay for and require a better service is decreased. Monitoring of KPIs
during this process allows the operator to further evaluate whether everything is working as expected.
There are many aspects to consider when performing a process like this. First of all, the re-attach rate
is normally within reasonable limits, as the existing EPC nodes need to cater for the signaling load of re-attaching terminals. However, in this case, the requirement to scale during operation is added on top, though
this is usually not an issue if the application scaling triggers are dimensioned properly.
The next thing that vendors need to address is that not all terminals will re-attach within reasonable
time. Sessions may have a lifetime of weeks or more, and terminal sessions therefore need to be terminated
sooner or later. Figure 2 shows how load moves from one network slice to the other. At the end, one can
also see sessions being torn down when the network slice is taken down and the corresponding gradual
activation of sessions on the other network slice that maps to that.
As an example, within EPC, the MME and SGW can be relocated with an active PDN connection
through mobility procedures, but the PGW cannot be upgraded with an active session (due to the anchoring
of a user IP address). So for the PGW and PCRF to be re-selected, current 3GPP standards require a
re-attach that would terminate any ongoing traffic. Many of the services used in a terminal in an EPC
network would accept a new IP address for the session due to a re-attachment to the network with
only minor service impact. For many network deployments, it is therefore permissible to throw out the
PDN connection (preferably with a re-attach requirement indication in the signaling) and wait for a new
PDN connection to be established. Such an establishment can then be done directly towards the new
network slice, including the PGW and PCRF.
Figure 3: Example of parallel EPC networks with different software version combinations and
configurations.
A use case that needs more attention is when a service that requires high end-to-end availability is
running on a dedicated APN on a dedicated PGW that is not part of the upgraded network slice in EPC,
which could, for instance, be a VoLTE service. Upgrading the network slice would need to support mobility
procedures in between the network slices if this upgrade is to be done without service interruption. This
is possible, but might not be a prioritized solution.
Instead, the simplest and most obvious way to address long-lived sessions during software upgrades
is to initiate a re-attach procedure from the dedicated services APN when it is suitable for that service.
Then it is only the service on the dedicated APN and PGW that needs to be re-attached. This does not
have to be managed together in a service-oriented network slicing deployment with mobile-broadband
services; instead it may be handled together with management procedures dedicated to the service in
order to decrease the end-to-end impact. As this example shows, when multiple coordinated connections
exist, the solution becomes more complex but still easier to manage and with less service impact compared
to the legacy solutions.
With NFV technology and network slicing, a parallel network can therefore be easily provisioned and
tested in a data center environment. It allows for easy verification and for a step-by-step approach to
migrating sessions to the new network.
It is also worth noting that when a single vendor delivers the software for an entire network slice, the
solution for parts of the network may be pre-integrated and delivered by that vendor. This simplifies the
integration activities for the operator, as the components can be sourced and maintained as a ready
solution. With software upgrades based on network slicing, the value of pre-integrated software increases
even further as much of the complexity of the software upgrades becomes the responsibility of the vendor.
A SUMMARIZED SOFTWARE UPGRADE PROCEDURE (AN EXAMPLE USING EPC)
›› Task: The operator wants to upgrade the network to a new software version to support
new services.
›› Pre-requisite: A set of terminals is attached to the radio network and an existing
network slice of the EPC.
›› First step: Create a new network slice.
The slice is deployed with the desired software versions of the desired VNFs. The
software components and versions may be pre-delivered and integrated by a single
vendor, but this is not a requirement.
The software is then configured according to the desired functionality. For a pure
software upgrade, this is, in principle, a clone of the software configuration of the
currently active network slice. If a change in behavior is to be activated, the
configuration is modified accordingly.
›› Second step: Run quality assurance procedures.
When quality assurance tools are available, such as end-to-end test tools, these can be
run to ensure that the new network slice is behaving according to expectations. The
next level of assurance is to let friendly users use the network. Validation during and
after such procedures can also be done through inspection of KPIs.
›› Third step: Migration of re-activating sessions.
According to existing 3GPP procedures, sessions cannot be migrated while
they are active, so migration of sessions is done during attach and re-attach
procedures. The migration can be done slowly to allow for automatic inspection of KPIs
in order to identify potential issues with the new software versions or configurations. It
is reasonable to address the most demanding subscriptions last, as the risk of
something going wrong normally decreases with time and load of the new deployment.
›› Fourth step: Schedule re-activation of sessions.
Active sessions that do not re-attach to the network will not be able to connect to a
new PGW, even though the SGW and MME can be relocated. To handle this, the PGW
needs to disconnect active PDN connections. One efficient way of doing this with
minimal service impact is to disconnect inactive subscribers, which will disconnect
sessions that have not been used for a configured time.
›› Fallback: If there is any indication that the new network slice is not able to fulfill the
requirements for the solution, it is easy to perform a fallback at any step in the process.
All that is required is to update the slice selection configuration and wait for the
sessions to move over. When the new slice is to be removed, or if the issues with the
new slice are too troublesome, then a controlled scheduling of re-attachment
procedures for active sessions on the new network slice can be initiated.
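The third and fourth steps and the fallback, sketched as a small simulation. This is an added example, not code from the paper or from Ericsson: the class and function names, the tier list, the KPI names, the 0.02 tolerance and all IMSI values are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

TIERS = ["prepaid", "basic", "premium"]  # constructed tiers, least demanding first

@dataclass
class Terminal:
    imsi: str
    tier: str
    idle_s: int          # seconds since the PDN connection last carried traffic
    slice: str = "old"   # slice whose PGW/PCRF currently anchors the session

@dataclass
class SliceSelector:
    """Slice selection configuration consulted at attach and re-attach."""
    friendly_prefixes: tuple = ()   # IMSI-series steered to the new slice for QA
    migrated_tiers: set = field(default_factory=set)

    def select(self, t: Terminal) -> str:
        if t.imsi.startswith(self.friendly_prefixes) or t.tier in self.migrated_tiers:
            return "new"
        return "old"

def kpi_gate(live: dict, new: dict, tolerance: float = 0.02) -> bool:
    """True when every KPI rate on the new slice is within tolerance of live."""
    return all(abs(new[k] - live[k]) <= tolerance for k in live)

def reattach(t: Terminal, sel: SliceSelector) -> None:
    """A session changes slice only here, because the PGW anchors its IP address."""
    t.slice = sel.select(t)
    t.idle_s = 0

def disconnect_inactive(terms, sel, target, idle_limit_s):
    """Fourth step: drop idle PDN connections that would now select `target`."""
    moved = 0
    for t in terms:
        if t.slice != target and sel.select(t) == target and t.idle_s >= idle_limit_s:
            reattach(t, sel)
            moved += 1
    return moved

def migrate(terms, sel, live_kpi, read_new_kpi, idle_limit_s=3600):
    """Third step plus fallback: enable one tier at a time, gated on KPIs."""
    for tier in TIERS:
        sel.migrated_tiers.add(tier)
        disconnect_inactive(terms, sel, "new", idle_limit_s)
        if not kpi_gate(live_kpi, read_new_kpi(tier)):
            # Fallback: revert the selection config, then schedule re-attaches.
            sel.migrated_tiers.clear()
            sel.friendly_prefixes = ()
            disconnect_inactive(terms, sel, "old", idle_limit_s=0)
            return f"fallback at {tier}"
    return "migrated"

def sample_terminals():
    """Constructed terminals; all IMSIs are made up for this example."""
    return [Terminal("001010000000001", "premium", 10),
            Terminal("240990000000010", "prepaid", 7200),
            Terminal("240990000000011", "prepaid", 30),
            Terminal("240990000000020", "basic", 9000),
            Terminal("240990000000030", "premium", 8000)]

LIVE_KPI = {"attach_success": 0.995, "session_drop": 0.004}   # constructed rates
GOOD_KPI = {"attach_success": 0.993, "session_drop": 0.005}
BAD_KPI = {"attach_success": 0.900, "session_drop": 0.050}

if __name__ == "__main__":
    terms, sel = sample_terminals(), SliceSelector(friendly_prefixes=("00101",))
    print(migrate(terms, sel, LIVE_KPI, lambda tier: GOOD_KPI), [t.slice for t in terms])
```

A terminal with a recently active session stays on the old slice until it re-attaches on its own, which is why the idle limit determines how long the old slice has to be kept running.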
Conclusion
Network slicing allows an operator to put more focus on the management of network solutions
driven by business cases. With network slicing, a parallel network can be set up with a new
software version of the involved functionality, followed by step-by-step migration of sessions –
lowering the risk for the operator and ensuring minimal disruption to subscribers.
Network slicing is simplified by NFV, and therefore opens up a new way of achieving telecom-grade software management at the network level by focusing on the characteristics needed for
a specific business segment. As a result, it enables more efficient business models for operators
while simplifying software architecture requirements, including software upgrades, on network
elements such as MME, SGW and PGW.
With software upgrades based on network slicing, the value of vendor pre-integrated software
increases, as much of the complexity of the software upgrades can become the responsibility
of the vendor.
GLOSSARY
APN      Access Point Name
DECOR    Dedicated Core (3GPP Work Item)
DNS      Domain Name System
EPC      Evolved Packet Core
IMSI     International Mobile Subscriber Identity
M2M      machine-to-machine
MME      Mobility Management Entity
MTC      machine type communication
MVNO     mobile virtual network operator
NFV      Network Functions Virtualization
O&M      operation and maintenance
PCRF     policy control resource function
PDN      Public Data Network
PGW      PDN gateway
PLMN-ID  Public Land Mobile Network Identifier
SDN      software-defined networking
SGW      Serving Gateway
VNF      virtual network function
© 2014 Ericsson AB – All rights reserved