http://im2015.ieee-im.

org/content/tutorials-2

Tutorial 2 :: Network Functions Virtualization

NFV - Perspectives, Reality and Challenges

Prof. Dr. Cesar Marcondes (UFSCar, Brazil) [Presenter]

Prof. Dr. Christian Esteve Rothenberg (UNICAMP, Brazil)
May-15 2015
IFIP IEEE Intregrated Network Managemetn 2015, Canada, May, 2015
 Tutorial Syllabus
• NFV: Motivation and Problem Statement
– Trends in IT & Telecom Challenges
– NFV & SDN
• Network Functions Virtualization
– Vision & Approach
– Benefits & Promises
– ETSI NFV ISG Working Groups & Reference Architecture
• NFV Requirements and Challenges
– Performance, scalability, management, orchestration, resilience, security,
portability, interoperability, etc.
– Ongoing Research efforts
• Use Cases and Proof-of-Concepts
– CloudNFV, Service Chaining, VNF State Migration and Interoperability.
Distributed-NFV, Multi Vendor vIMS, ForCES, Hardware Acceleration,
Virtual EPC Gateway
• Overview of Enabling Technologies
– Programmable vSwitches, Minimalistic OS (ClickOS), lightweight
virtualization (Docker, LXC), Improving Linux I/O, x86 packet processing
(Intel DPDK), vRouter (Vyatta), OpenStack, OPNFV
 Network Functions Virtualisation (NFV)
A joint operator initiative and
call-for-action to industry

A joint operator push to the IT and Telecom industry,

to provide a new network production environment,
based on modern virtualization technology,
to lower cost, raise efficiency and to increase agility.

We believe Network Functions Virtualisation is applicable to any data plane packet processing
and control plane function in fixed and mobile network infrastructures (WP)
Motivation
Problem Statement
• Complex carrier networks
– with a large variety of proprietary nodes and hardware appliances.
• Launching new services is difficult and takes too long
– Space and power to accommodate
– requires just another variety of box, which needs to be integrated.
• Operation is expensive
– Rapidly reach end of life Traditional Network model
– due to existing procure-design,-
integrate-deploy cycle.

 Network functionalities are based on specific HW&SW

 One physical node per role
 Sisyphus on Different Hills
Telco Cycle Service Providers Cycle
Idea !! Idea !!
AVAILABLE AVAILABLE

Telco Operators Deploy Develop Deploy Publish

Demand Service Providers

2-6 Months

Equipment Sell
Vendors
Drive

Standardise
Implement
SDOs Critical mass of
supporters
2-6 Years

2-6 years 2-6 months

Source: Adapted from D. Lopez Telefonica I+D, NFV
NFV >>> Accelerating Transformation

Source: Adapted from D. Lopez Telefonica I+D, NFV

 Enter the Software-Defined Era
Traditional telcos Internet players

• Very intensive

•
in hardware
Software not at
x •

•
Very intensive
in software
Hardware is a
the core necessary base

HARDWARE+ SOFTWARE
+
-

AT&T, Telefonica, Google, Facebook

Telebras

Adapt to survive: Telco evolution focus shifting from hardware to software

Source: Adapted from D. Lopez Telefonica I+D, NFV
 Scale and Virtualization in the Timeline
Early twentieth century Mid-twentieth century

• Manual Switching • Electromechanical

• Very intensive in
human resources
x •
Switching
Less intensive in
• Era dominated by human resources
hardware • Era dominated by
complex hardware
Virtualization technologies enables
overcoming physical constraints and
generating multiplexing gains…
• Digital Switching • Internet connectivity
Não é po ssível exibir esta imagem no momento.

x
• Much less intensive in
human resources x opens the door to the
development of OTT
• Era dominated by services (without
complex and specific Não é po ssível exibir esta imagem no momento.
operator)
hardware. Software • Software becomes a
appears and is important differentiation asset
• Services defined by telco
Second half of the twentieth century Early twenty-first century
Source: Adapted from D. Lopez Telefonica I+D, NFV
Trends Challenges
• High performance industry • Huge capital investment to deal with
standard servers shipped in very current trends
high volume
• Network operators face an increasing
• Convergence of computing,
storage and networks disparity between costs and revenues
• New virtualization technologies • Complexity: large and increasing
that abstract underlying hardware variety of proprietary hardware
yielding elasticity, scalability and appliances in operator’s network
automation • Reduced hardware lifecycles
• Software-defined networking • Lack of flexibility and agility: cannot
• Cloud services move network resources where &
• Mobility, explosion of devices and when needed
traffic
• Launching new services is difficult and
takes too long. Often requires yet
another proprietary box which needs to
be integrated

Source: Adapted from D. Lopez Telefonica I+D, NFV

 Observation

• Commercial-off-the-shelf IT-platforms
– allow to host a large variety of applications.
• New virtualization technology allows to abstract HW,
– enables elasticity, scalability and automation.
• Network Technology suppliers already use such vTech,
– but in a proprietary way. Virtualised Network Model
SW-defined
functionalities

Common &
Early adopters offer virtualized shared HW
architecture
versions of their products
 Net functionalities are SW-based over well-known HW
Source: NFV
 Multiple roles over same HW
 The NFV Concept
A means to make the network more flexible and simple by
minimising dependence on HW constraints

Traditional Network Model: Virtualised Network Model:

APPLIANCE APPROACH
Não é po ssível exibir esta imagem no momento.
v v
VIRTUAL APPLIANCE APPROACH
Não é po ssível exibir esta imagem no momento.
Não é po ssível exibir esta imagem no momento.

DPI CG-NAT GGSN/ VIRTUAL

BRAS SGSN APPLIANCES
DPI
Firewall PE Router
BRAS
Não é po ssível exibir esta imagem no momento.
Não é po ssível exibir esta imagem no momento.
GGSN/SGSN
Não é po ssível exibir esta imagem no momento.
ORCHESTRATION, AUTOMATION
& REMOTE INSTALL
PE Router STANDARD
Session Border
Firewall CG-NAT Controller HIGH VOLUME
SERVERS
 Network Functions are based on specific HW&SW  Network Functions are SW-based over well-known HW
 One physical node per role  Multiple roles over same HW

Source: Adapted from D. Lopez Telefonica I+D, NFV

 Target
Independent Software Vendors
Classical Network Appliance Approach

Message CDN Session Border WAN

Acceleration Orchestrated,
Router Controller
automatic &
remote install.

DPI Firewall Carrier Tester/QoE

Grade NAT monitor Standard High Volume Servers

Standard High Volume Storage

SGSN/GGSN PE Router BRAS Radio Access

Network Nodes
Standard High Volume
• Fragmented non-commodity hardware. Ethernet Switches
• Physical install per appliance per site.
• Hardware development large barrier to entry for new
vendors, constraining innovation & competition. Network Virtualisation Approach
Source: NFV
 NFV :: Network Functions Virtualization
• Network Functions Virtualization is about implementing network
functions in software - that today run on proprietary hardware -
leveraging (high volume) standard servers and IT virtualization
• Supports multi-versioning and multi-tenancy of network functions, which
allows use of a single physical platform for different applications, users
and tenants
• Enables new ways to implement resilience, service assurance, test and
diagnostics and security surveillance
• Provides opportunities for pure software players
• Facilitates innovation towards new network functions and services that
are only practical in a pure software network environment
• Applicable to any data plane packet processing and control plane
functions, in fixed or mobile networks
• NFV will only scale if management and configuration of functions can be
automated
• NFV aims to ultimately transform the way network operators architect and
operate their networks, but change can be incremental

Source: Adapted from D. Lopez Telefonica I+D, NFV

 Benefits & Promises of NFV (1/2)
• Reduced equipment costs (CAPEX)
– through consolidating equipment and economies of scale of IT industry.
• Increased speed of time to market
– by minimising the typical network operator cycle of innovation.
• Availability of network appliance multi-version and multi-tenancy,
– allows a single platform for different applications, users and tenants.
• Enables a variety of eco-systems and encourages openness.
• Encouraging innovation to bring new services and generate new
revenue streams.

Source: NFV
 Benefits & Promises of NFV (2/2)
• Flexibility to easily, rapidly, dynamically provision and
instantiate new services in various locations
• Improved operational efficiency
• by taking advantage of the higher uniformity of the physical network
platform and its homogeneity to other support platforms.
• Software-oriented innovation to rapidly prototype and test
new services and generate new revenue streams
• More service differentiation & customization
• Reduced (OPEX) operational costs: reduced power, reduced
space, improved network monitoring
• IT-oriented skillset and talent

Source: Adapted from D. Lopez Telefonica I+D, NFV

 Some Use Case Examples Driving NFV
…not in any particular order

• Switching elements: BNG, CG-NAT, routers.

• Mobile network nodes: HLR/HSS, MME, SGSN, GGSN/PDN-GW.
• Home networks: Functions contained in home routers and set top boxes to
create virtualised home environments.
• Tunnelling gateway elements: IPSec/SSL VPN gateways.
• Traffic analysis: DPI, QoE measurement.
• Service Assurance: SLA monitoring, Test and Diagnostics.
• NGN signalling: SBCs, IMS.
• Converged and network-wide functions: AAA servers, policy control and
charging platforms.
• Application-level optimisation: CDNs, Cache Servers, Load Balancers,
Application Accelerators.
• Security functions: Firewalls, virus scanners, intrusion detection systems,
spam protection.

Source: NFV
Carrier Priorities

Src: NFV – Dell point of view (Dell)

 Some Drivers
Complex home environment Home simplification
Home environment Network environment Network environment

STB Home environment STB

CPE
CPE UPnP FW

TR-069 IPv4/IPv6
IPv4 NAT UPnP FW Access Point Switch Módem TR-069
Não é po ssível exibir
esta imagem no
momento.

Não é po ssível exibir

esta imagem no
DHCP NAT
momento.

DHCP Access Point Switch Modem

• Simplification or even supression (STB)

• No need for home router replacement as it is
updated by configuration
Virtual CPE

• Fast deployment for new services

• Inexpensive IPv6 migration maintaining legacy
home routers

Multiple IP Edges A unified software IP Edge

VIRTUALISATION
CONTROL

Não é po ssível exibir esta imagem no

momento.
NAT
Sessio UPnP ctrl.
• An IP Edge for each service (voice, n NAT
Virtual IP Edge

IPv4 /
mgmt
IPv6
video content, Internet) TR-069 DHCP
Pool
admin

• Scattered and not well integrated

control functions (e.g. DPI, BRAS, SW- HW POOL SW-
PCRF) BASED MANAGEMENT BASED
BRAS CG-NAT
Source: Adapted from D. Lopez Telefonica I+D, NFV
 …More Drivers…
Having the flexibility of moving functionalities between different

RRH

RRH
locations may help to network to adopt the best option in each case
• All the network concentrated in the base

BBU

RRH
station
Mobile Network Virtualisation

INTERNET POP S-GW/MME

Functional mobility

• C-RAN: All the base station

RRH

RRH
Central Office
BTS hostel
functionalities, except for the antennas
and power amplifiers, concentrated in a S-GW/MME1 S-GW/MME2 BBU1 BBU2
centralized location
RRH2

RRH2
Central Office Radio over Fiber link Medium capacity
bachkhaul

S-GW/MME
BBU RRH1

Current DPI Everything replicated in 100s of boxes Virtual DPI Centralised intelligence
which need to be orchestrated!
& orchestration
Monitoring/enforcement loop

POINT OF PRESENCE (x100s) POINT OF PRESENCE (x100s) Other data

DPI External data Deeper

Network
REAL-TIME
Big Data
RELEVANT
xDRs PACKETS
Metadata interface ANALYSIS
RELEVANT REAL-TIME
PACKETS ANALYSIS xDRs
Security
POLICY Alarms
Copy
DECISIONS OpenFlow
RAW USER TRAFFIC POLICY
DECISIONS
ENFORCEMENT
RAW USER TRAFFIC
RAW USER TRAFFIC
RAW USER TRAFFIC ENFORCEMENT OF Controller
OF Switch

Source: Adapted from D. Lopez Telefonica I+D, NFV

 … And a Couple More
Virtualized CGNAT

• NAT44 function, extensible to IPv6 transition

• 40 Gbps full-duplex line rate per server
• Support of overlapping addresses and tunnelling
• Auto-provisioning of NAT sessions per access line

• Leverage on open source routing project as

rich and widely tested protocol suite while
Optimized Quagga data plane

assuring data plane performance

•Common routing protocols supported and
extended by open source project
•High-performance line-rate data plane
•Running in separate process, does not lead to
licensing issues
Source: Adapted from D. Lopez Telefonica I+D, NFV
Overview of NFV Use Cases. Source: ETSI NFV ISG Updated White Paper
 So, why we need/want NFV(/SDN)?
1. Virtualization: Use network resource without worrying about where it is
physically located, how much it is, how it is organized, etc.
2. Orchestration: Manage thousands of devices
3. Programmable: Should be able to change behavior on the fly.
4. Dynamic Scaling: Should be able to change size, quantity, as a F(load)
5. Automation: Let machines / software do humans’ work
6. Visibility: Monitor resources, connectivity
7. Performance: Optimize network device utilization
8. Multi-tenancy: Slice the network for different customers (as-a-Service)
9. Service Integration: Let network management play nice with OSS/BSS
10. Openness: Full choice of modular plug-ins
Note: These are exactly the same reasons why we need/want SDN.

Source: Adapted from Raj Jain

 SDN+NFV
IT & Networking Growing Together

Source: NEC
 Software Defined Networking

SDN

Network equipment as Open interfaces (OpenFlow) for

Black boxes instructing the boxes what to do

FEATURE FEATURE
OPERATING SYSTEM

SPECIALIZED PACKET
FEATURE FEATURE FORWARDING HARDWARE FEATURE FEATURE
OPERATING SYSTEM OPERATING SYSTEM

SPECIALIZED PACKET SPECIALIZED PACKET

FORWARDING HARDWARE FEATURE FEATURE FORWARDING HARDWARE

OPERATING SYSTEM

SPECIALIZED PACKET
FORWARDING HARDWARE
SDN
Boxes with autonomous
behaviour Decisions are taken out of the box

SDN
FEATURE FEATURE

OPERATING SYSTEM

SPECIALIZED PACKET
FEATURE FEATURE FORWARDING HARDWARE FEATURE FEATURE
OPERATING SYSTEM OPERATING SYSTEM

SPECIALIZED PACKET SPECIALIZED PACKET

FORWARDING HARDWARE FEATURE FEATURE FORWARDING HARDWARE

OPERATING SYSTEM

SPECIALIZED PACKET

Simpler OSS to manage the SDN

FORWARDING HARDWARE

Adapting OSS to manage black boxes controller

Source: Adapted from D. Lopez Telefonica I+D, NFV
 SDN and NFV
• SDN and NFV do NOT depend on each other

Source: Uwe Michel, T-Systems

Scope of NFV and OpenFlow/SDN

Source: NEC
 NFV vs SDN
• NFV: re-definition of network equipment architecture
• NFV was born to meet Service Provider (SP) needs:
– Lower CAPEX by reducing/eliminating proprietary hardware
– Consolidate multiple network functions onto industry standard
platforms
• SDN: re-definition of network architecture
• SDN comes from the IT world:
– Separate the data and control layers,
while centralizing the control
– Deliver the ability to program network behavior using well-
defined interfaces
Source: Bob Briscoe, BT
ETSI NFV
 History of NFV
• Network operators had independently discovered that NFV
technology now has sufficient performance for real-world
network work loads
• Informal discussions on cooperation to encourage industry
progress began at ONS in San Francisco in April 2012
• At an operator meeting in Paris in June 2012 we coined the
new term “Network Functions Virtualisation (NFV)”.
• We decided to convene a new industry forum, and publish a
joint white paper to galvanise the industry
• At a meeting in San Francisco in September 2012 we
decided to parent the new forum under ETSI
• In October 2012 we published the first joint-operator NFV
white paper as a “call to action”.
• This paper is widely regarded as the seminal paper heralding
this new approach for networks.
• The first NFV ISG plenary session was held in January 2013
• In October 2013 the first NFV ISG documents were released
after only 10 months, and a second joint-carrier NFV white
paper published to provide our perspectives on progress.
Source: Adapted from D. Lopez Telefonica I+D, NFV
 The ETSI NFV ISG
• Global operators-led Industry • Currently, four WGs and two EGs
Specification Group (ISG) under the – Infrastructure
auspices of ETSI – Software Architecture
– ~150 member organisations – Management & Orchestration
• Open membership – Reliability & Availability
– ETSI members sign the “Member – Performance & Portability
Agreement” – Security
– Non-ETSI members sign the
“Participant Agreement”
– Opening up to academia
• Operates by consensus
– Formal voting only when required
• Deliverables: White papers
addressing challenges and operator
requirements, as input to SDOs
– Not a standardisation body by itself
Source: Adapted from D. Lopez Telefonica I+D, NFV
ISG Working Group Structure
 Architectural Working Groups
• Related to functional requirements
• Have a clear location in the NFV architecture
– Keep consistency with both requirements and architecture

• INF: Supporting infrastructure interfaces and elements

• MANO: External interfaces and behaviour of a VNF
• SWA: Internals of a VNF

• Refining the architecture

• Addressing use cases
• Mostly oriented to produce reference documents

Source: Adapted from D. Lopez Telefonica I+D, NFV

 Transversal Working and Expert Groups
• Related to non-functional requirements
• Transversal to the architecture
– And influencing the architectural groups

• PER: Predictability in the data plane and function portability

• REL: Specify resiliency requirements, mechanisms , and
architectures
• SEC: Function by function and infrastructure

• Refining the requirements

• Assessing use cases
• Mostly concerned with recommendations and arch models
Source: Adapted from D. Lopez Telefonica I+D, NFV
ETSI NFV External Consolidation
High-level Architecture
ETSI NFV Reference Architectural
Framework
Closing the Gaps

Source: Adapted from D. Lopez Telefonica I+D, NFV

First Steps: Telefonica NFV Ref Lab

Source: Adapted from D. Lopez Telefonica I+D, NFV

Soru

Source: Vance Shipley

Rethinking relayering
 NFV Layers
E2E Network Service
End End
Point Network Service Point
Logical Abstractions
VNF VNF

VNF VNF VNF

Logical Links

VNF Instances
SW Instances
VNF VNF VNF VNF
VNF : Virtualized Network Function

NFV Infrastructure

Virtual Resources Virtual Virtual Virtual

Compute Storage Network
Virtualization SW Virtualization Layer
HW Resources Compute Storage Network

Source: Adapted from D. Lopez Telefonica I+D, NFV

 NFV Concepts
• Network Function (NF): Functional building block with a well defined
interfaces and well defined functional behavior
• Virtualized Network Function (VNF): Software implementation of NF that
can be deployed in a virtualized infrastructure
• VNF Set: Connectivity between VNFs is not specified,
e.g., residential gateways
• VNF Forwarding Graph: Service chain when network connectivity order is
important, e.g., firewall, NAT, load balancer
• NFV Infrastructure (NFVI): Hardware and software required to deploy,
mange and execute VNFs including computation, networking, and storage.
• NFV Orchestrator: Automates the deployment, operation, management,
coordination of VNFs and NFVI.

Source: Adapted from Raj Jain

VNF Design Patterns and VNFCs
 NFV Concepts
• NFVI Point of Presence (PoP): Location of NFVI
• NFVI-PoP Network: Internal network
• Transport Network: Network connecting a PoP to other PoPs or external
networks
• VNF Manager: VNF lifecycle management e.g., instantiation, update, scaling,
query, monitoring, fault diagnosis, healing, termination
• Virtualized Infrastructure Manager: Management of computing, storage,
network, software resources
• Network Service: A composition of network functions and defined by its
functional and behavioral specification
• NFV Service: A network services using NFs with at least one VNF.

Source: Adapted from Raj Jain

 Network Forwarding Graph
• An end-to-end service may include nested forwarding graphs

Source: Adapted from Raj Jain

 NFV Concepts
Network Service (NS):
• Described by the NS descriptor, orchestrated by NFVO
• May cover 1 or more VNF Graphs, VNFs and PNFs
VNF Forwarding Graph (VNFFG):
• Described by the VNFFG descriptor, orchestrated by NFVO
• May cover VNFFGs, VNFs and NFs
VNF:
• Described by the VNF descriptor, instantiated by the NetworkService

VNF Manager
• Covers VNF components each mapped to a VM and 1

described as a Virtual Deployment Unit

1..n

VNF VNF Forwarding Graph

1..n 0..n
 NFV Concepts (cont.)
• User Service: Services offered to end users/customers/subscribers.
• Deployment Behavior: NFVI resources that a VNF requires, e.g., Number of
VMs, memory, disk, images, bandwidth, latency
• Operational Behavior: VNF instance topology and lifecycle operations, e.g.,
start, stop, pause, migration, …
• VNF Descriptor: Deployment behavior + Operational behavior

Source: Adapted from Raj Jain

 Descriptor Information Model
Service order with parameters
NSIDs VNFFGID VNFIDs VVLIDs

Service Instance
Service NFV instances
• Services
customized from
VNF Forwarding Graph: catalog templates by
- E2E Service Description & KPIs NFVO
- Info about Component VNFD ,
PNFD, and associated Links
NSD Service Chain
• Each service

- Inter NF KPIs with dependent VNFs O Record

having
component
/PNFs in service graph VNFDs, service
VNFFG r graph definition,
and real time
c status of service
graph
Virtual VNF Link Descriptor:
- Link type (eg Point to Point , h
Multipoint) , Inter VNF, & VNF to Link Instance
-
legacy network links, SAN
KPIs (eg Bandwidth , QoS , Latency)
VVLD e Virtual
VNF
• VNLs
instantiated
- Network type (Hypervisor vSwitch,
NIC eSwitch, Cluster VEPA or
s Link
Record
in NFVI by
FCoE/IB, WAN) NFVO & VIM
Element
catalog
t
Virtual Network Function Descriptor:
r VNF Instance
- VNFs
Virtual
• Compute requirements and SLAs
• For each Component sub functions, a Network instantiated
by NVFO,
Function
(eg Processing, memory, Storage
access requirements & SLAs)
VNFD t Record VNFM &
• Reliability SLAs/class VIM
VNF
• Intra VNF component links
catalog
o
PNF Instance
r Physical
- PNFs
Physical Network Function Descriptor: Network
• Reliability SLAs/class PNFD Function incorporated
• Legacy network links Record by NVFO
…

Resource orders with parameters

Management and Orchestration Architecture
Os-Nfvo
OSS/BSS NFV Orchestrator (NFVO)

Or-Vnfm

NS VNF NFV NFVI

Catalog Catalog Instances Resources

EMF VeEn-Vnfm
VNF Manager
(VNFM)
VNF VeNf-Vnfm
Vnfm-Vi

Vn-Nf
Nf-Vi Virtualised Or-Vi
Infrastructure
NFVI Manager
(VIM)
Virtual Infrastructure Management
The NFV Architecture Framework
 Reference Point:
Points for inter-module specification
• (Os-Ma) Operation Support System (OSS)/Business Support Systems (BSS) –
NFV Management and Orchestration
• (Se-Ma) Service, VNF and Infrastructure Description – NFV Management and
Orchestration: VNF Deployment template, VNF Forwarding Graph, service-
related information, NFV infrastructure information
• (Or-Vnfm) Orchestrator – VNF Manager
• (Vi-Vnfm) Virtualized Infrastructure Manager – VNF Manager
• (Ve-Vnfm) VNF/ Element Management System (EMS) – VNF Manager
• (Or-Vi) Orchestrator – Virtualized Infrastructure Manager
• (Nf-Vi) NFVI-Virtualized Infrastructure Manager
• (VI-Ha) Virtualization Layer-Hardware Resources
• (Vn-Nf) VNF – NFVI
 Architectural Use Cases
• Network Functions Virtualisation Infrastructure as a Service
– Network functions go to the cloud
• Virtual Network Function as a Service
– Ubiquitous, delocalized network functions
• Virtual Network Platform as a Service
– Applying multi-tenancy at the VNF level
• VNF Forwarding Graphs
– Building E2E services by composition
 XaaS for Network Services
User
NSP
VNF Forwarding Graph
VNF
VNF VNF
Admin
User
VNPaaS
Admin VNF VNF
User
VNFaaS
Hosting Service Provider
VNF VNF VNF
VNF VNF VNF
VNF VNF VNF

VNF Tenants
NFVIaaS
NFVI Provider

IaaS NaaS NaaS PaaS PaaS SaaS

 Recommendation / Call-for-action

Invitation towards IT and Telecom industries

to combine their complementary expertise and resources
in a joint collaborative effort, to reach broad agreement
on standardised approaches and common architectures,
and which are interoperable and have economies of scale.

 A new carrier-led Industry Specification Group (ISG) is being setup under

the auspices of ETSI.
 Initial face-to-face meeting of the ISG NFV is planned for Jan 2013, and
will be announced via the usual ETSI procedures.
 Deliverables: White papers addressing challenges and operator
requirements, as input to standardisation bodies.
Source: NFV
 NFV Myths
• The ETSI NFV ISG is a standards body.
• NFV equates to “The Cloud.”
• NFV is about CAPEX.
• NFV winds down in January 2015.

Source: http://www.sdncentral.com/education/nfv-insiders-perspective-operator-shift-underway/2013/10/
Wrapping up: Innovations of NFV

Source: Adapted from Raj Jain

Requirements and Challenges
NFV
The Road to NFV

Source: Gabriel Brown, Heavy Reading

 Two Approaches to NFV
(to be pursued simultaneously)

Arising of challenges
Source: Gabriel Brown, Heavy Reading
 Challenging Path upfront:
Not as simple as cloud applied to telco
The network differs from the computing environment in
2 key factors…
1
Data plane workloads HIGH PRESSURE ON
(which are huge!) PERFORMANCE

2
Network requires shape GLOBAL NETWORK VIEW IS
(+ E2E interconnection) REQUIRED FOR MANAGEMENT

…which are big challenges for vanilla cloud computing.

AN ADAPTED VIRTUALISATION ENVIRONMENT IS NEEDED
TO OBTAIN CARRIER-CLASS BEHAVIOUR

Source: Adapted from D. Lopez Telefonica I+D, NFV

Cloud vs. NFV
Cloud vs. NFV

Source: Adapted from D. Lopez Telefonica I+D, NFV

 NFV Framework Requirements
1. General: Partial or full Virtualization, Predictable performance
2. Portability: Decoupled from underlying infrastructure
3. Performance: Conforming and proportional to NFs
specifications and facilities to monitor
4. Elasticity: Scalable to meet SLAs. Movable to other servers.
5. Resiliency: Be able to recreate after failure.
Specified packet loss rate, calls drops, time to recover, etc.
6. Security: Role-based authorization, authentication
7. Service Continuity: Seamless or non-seamless continuity after
failures or migration
 NFV Framework Requirements
8. Service Assurance: Time stamp and forward copies of
packets for Fault detection
9. Energy Efficiency Requirements: Should be possible to put a
subset of VNF in a power conserving sleep state
10. Operational and Management Requirements: Incorporate
mechanisms for automation of operational and management
functions
11. Transition: Coexistence with Legacy and Interoperability
among multi-vendor implementations
12. Service Models: Operators may use NFV infrastructure
operated by other operators
 Challenges
• Achieving high performance virtualised network appliances
– portable between different HW vendors, and with different hypervisors.
• Co-existence with bespoke HW based network platforms
– enabling efficient migration paths to fully virtualised network platforms.
• Management and orchestration of virtual network appliances
– ensuring security from attack and misconfiguration.
• NFV will only scale if all of the functions can be automated.
• Appropriate level of resilience to HW and SW failures.
• Integrating multiple virtual appliances from different vendors.
– Network operators need to be able to “mix & match” HW,
– hypervisors from different vendors,
– and virtual appliances from different vendors
– without incurring significant integration costs and avoiding lock-in.

Source: NFV
Is NFV Technology Good Enough?

Time Source: Gabriel Brown, Heavy Reading

Alternative virtualization options

Source: Bob Briscoe (BT) / NFV

Virtualization Implementation

Source: Bob Briscoe (BT) / NFV

NFV Performance Challenges

Source: Ivan Pepelnjak

 Performance
• Different network technologies have a cost...

Source: IEEE SDN4NFS, 2013

Performance and Scalability

Source: Michael Zimmerman, Tilera

High and Predictable Performance is Achievable

(*) ETSI NFV Work Item “NFV Performance & Portability Best Practises”:
DGS/NFV-PER001 Current version: v0.0.7 (stable draft – 15/10/2013)
 Performance and Scalability
• PFs and NFs
– Lack of performance -> Scalability decreased
• Performance
– NF vs. NFV-FG
• Proportional performance of NFs and services
according to available:
– Network latency and bandwidth
– Compute capacity
 Scalability
• Real world vs. virtualized perspective
– Network devices: FIB size, queue length, # of ports
• NFVI existence?
– Distributed: storage, processing, connecting
– Distributed NFs
• Latency and Bandwidth requirements (e.g., BRAS, DPI)

Source: Ericsson, EU UNIFY

 Overall Management & Orchestration
• Control functions and state in all network levels
– Heterogeneous environments and services

Source: IEEE PIMRC, 2013

Redesign Network Segments

Source: Adapted from D. Lopez Telefonica I+D, NFV

 Management and Orchestration
• The key: Elasticity!
– Pieces at all infrastructure layer
– Need to go beyond to just fit them together
– Multi-technology support, and open interfaces

Source: Raj Jain

 Orchestration
• Automated deployment
of NFV applications
– OpenStack, CloudStack...
• NFVI profile for NF
– Select and start host, VM
• Applications (NFs)
– Service address
– Location specific
configuration

Source: Bob Briscoe, BT

 Orchestration & Infrastructure
Network Control Hierarchy
• An E2E controller with global view
VNF App1 Client VNF App2 Client
Controller Controller • Virtual switches are added to
Indirect Indirect
control I/F
infrastructure
control I/F
Network Slice A VNF on VM
Ext IF on • VNF applications may need to see
INF net
Toplogy View Ext IF on Ext IF on and/or control their own topology,
INF net Ext IF on INF net Ext IF on
B C
INF net INF net internal, external or both
E2E controller

Virtual Network Virtual Switch Virtual Network

control I/F control control I/F

Abstracted
View

Virtual switch

Network Controller A Network Controller B Network

Controller C
physical (NE) Physical (NE) Physical (NE)
control control control
NE view
B/E
Network A A
Network C
Network B D
C F
Source: D. Lopez / NFV
 Orchestration
• An end-to-end perspective
– May include nested forwarding graphs

Source: ETSI NFV Framework

 Service Chains | VNF Forwarding Graphs

• VNF FGs are the analogue of connecting existing

Physical Appliances via cables as described in the NFV

• Cables are bidirectional and so are most data

networking technologies that will be used in Virtualized
deployments in the near term (e.g. Ethernet).
– In other words, a VNF Forwarding Graph provides the logical
connectivity between virtual appliances (i.e. VNFs).
 NFV Forwarding Graphs
• Network Service Chaining
– Networks paths: old stratified vs. dynamic new

Source: Ericsson, EU UNIFY

Source: ETSI NFV UC VNF FG From Logical to Physical View
 Further recommended reading:
NSC & NFV-FG IETF Service Function Chaining (sfc) WG:
https://datatracker.ietf.org/wg/sfc/documents/
• Constitution of NSC
Service Function Chaining in Open Daylight -
– NF Set to NFV-FG https://wiki.opendaylight.org/view/Service_Fun
• NFs well defined ction_Chaining:Main
interfaces and behavior
Service Function Chaining in OpenStack
• NFV-FGs topics: https://wiki.openstack.org/wiki/Neutron/Virtual
ResourceForServiceChaining
– Processing semantics
– Performance guarantees Research Directions in Network Service Chaining
http://ieeexplore.ieee.org/stamp/stamp.jsp?arn
– Charging umber=6702549

Extending SDN to Handle Dynamic Middlebox

Actions via FlowTags
http://www.contrib.andrew.cmu.edu/~sfayazba
/flowtags_ons14.pdf
 SDN & NFV
• SDN poses to NFV:
– Central point of contact / Orchestrate VNFs (NSC)

Source:
Uwe Michel
T-Systems
Networking with SDN & NFV

Source: NEC
Proper Balance Between SDN and NFV

Source: Adapted from D. Lopez Telefonica I+D, NFV

Portability
• Move VNF across N-PoPs
• Decoupled NFV framework
from NFVI
• Optimize VNF resources:
– Location
– Allocation
– Reservation
• Compatibility
– Integration/internetworking
– Meeting SLA requirements
• Example: NfV hypervisors
 Interoperability and Legacy Networks
• End-to-end network services
– Transparent management and orchestration
• No place for one-size-fits-all solutions
– Dynamic and heterogeneous new technologies
• Handle different old and new characteristics
– Impact on the other requirements:
• Performance, resilience, security...
• Maintain SLAs
• Avoid disruptions!
 Resilience
• Different Levels
– PFs, NFs, NFVI, NFV-FG
• Monitoring, synchronisation and trigger
mechanisms in the event of failure of NFs
• Correlated failures in NFV-FG
– Chained resilience plans
• Service Continuity
– SLA minimum insurance
• Zero impact vs. Measurable impact
• Orchestration: NOT a single point of failure
 Security
• New Threats
– Virtualization Network Layer
– Several identity layers and accounting
• Protection of interfaces exposed by NFV architecture
principles.
• Secure separation and management of NF entities.
• Heterogeneous network domains
• NFVI shared resources
– Isolation of VNF sets
– User privilege resources access (APIs)
• Mechanisms:
– Control and verify the configuration of soft/hardware
 Wrapping up :
NFV Challenges for Networking Research
In addition to high-performance / system-related challenges, networking challenges include:
NFV Resiliency
• NFV-based service continuity.
• Coexistence of virtualised and non-virtualised Network Functions (NFs)
• Virtual Network Functions (VNF) Software (VM, Hypervisor) failure or congestion
protection.
• Monitoring, synchronisation and trigger mechanisms in the event of failure of NFs.
NFV Control & Orchestration
• Providing automation and elasticity.
• NF Instance instantiation, scaling and migration.
• End-to-end service setup, operation and monitoring.
• Multi-technology support, and open interfaces.
NFV Security
• Securing VNF instances.
• Vulnerabilities introduced in the new virtualisation layer.
• Protection of interfaces exposed by NFV architecture principles.
• Secure separation and management of NF entities.
Source: D. King, Comnnet Workshop
Some insights on ongoing collaborative research projects

RESEARCH PROJECTS
 NFV Research and Education
Significant industry progress has been made to encourage growth of a
commercial ecosystem for NFV, but research and education are also very
important for overall and long term success.
NFV Research topics include:
• Service chaining algorithms & NFV orchestration algorithms
• Abstractions for carrier-grade networks and services
• Performance studies (optimisation, scheduling, portability, reliability)
• Security of NFV Infrastructure
• Impacts of data plane workloads on computer systems architectures
• Applying compositional patterns (i.e. Network Function Chains) for parallelism
• Performance monitoring and reliability of network services
• Energy-efficient NFV architectures
• Service Assurance (e.g. test & diagnostics, predictive analytics, etc.)
• New requirements on the NFV Infrastructure for supporting new types of VNFs
• NFV Infrastructure federation
• New network topologies and architectures
• Tools and simulation platforms Source: NFV White Paper #3 Page 15
Network Functions as-a-Service over Virtualized
Infrastructures: http://www.t-nova.eu/

New enabling NFV framework for operators

– Deployment of NFV concepts
– Offer to customer value-added services
– Virtual network appliances on-demand as-a-Service
– Marketplace for VNFs and services
• Third party NF development and trading
– NF resource optimization and elasticity
 T-NOVA

Src: http://cordis.europa.eu/fp7/ict/future-networks/ocuments/call11projects/t-nova.pdf
 T-NOVA
Approach
– Address most of NFV design challenges
– NFV marketplace (plug-and-play NFs)
– Brokerage platform for best service bundles selection

Impact
– Boosting competitiveness (NFs in Function Store)
– Lower operator costs (CAPEX-to-OPEX transformation for
more efficient planning)
– Promote EU standardization (e.g., ETSI)
UNIFY

Architecture to unify carrier and cloud services

• Service abstraction model and an associated domain-
specific service creation language and programming
interfaces to automate and optimize the deployment of
service chains
• Advanced management and operation schemes to
cope with increased network/service agility and to handle
network services end-to-end
• Design and performance of a universal node
architecture based on standard x86 components and
accelerators for network functions virtualization
UNIFY
 UNIFY
Approach
– Service Programming, Orchestration and Optimization: NFs
abstractions, description languages, algorithms for automated
creation of service chains
– Service Provider DevOps: agile operations and development
aids for dynamic service chains
– Unified Node Architecture (as an abstracted domain): based
on commodity hardware
Impact
– Evolve impact of European community in standard
organizations (e.g., IETF, ETSI, ONF)
– Unified service operator resources abstractions
Trilogy 2
Building the liquid network
http://trilogy2.it.uc3m.es
• Processing, storage, bandwidth
and energy usage from different
machines and different parts of
the network
• Creating:
– Cross layer liquidity, cross provider
liquidity and cross resource
liquidity
– Means to control the created
liquidity though the means of
incentives, information exchange
and enforcement tools
 Trilogy 2
Liquidities approaches
– Cross provider: pooling techniques for bandwidth,
processing, storage and energy
– Cross-layer: optimize higher layers using low layers
“interwork”
– Cross-resource: improve performance selecting best trade-
off type of resource pools
Impact
– Reduce supplier lock-ins and costs
– Collaborative applications to optimize end-to-end
communication
– Resources sharing among cloud service providers
Use Cases
NFV
 NFV ISG Use Cases
• First use case proposal: 2010
• Main idea: contribute to thrive NFV
– Real Scenarios
• Fast service innovation based on software and
operational end-to-end NFs
– Operational eficiency
– Energy consumption reduce (workloads migration)
– Open and standard interfaces
– Flexibility between VNF and hardware;
– Eficient revenues return
 Use Cases Matrix

Cloud Use Cases NFVIaaS (NFV Infrastructure as a Service)

VNFaaS (Virtual Network Functions as a Service)
Service Chains (VNF Forwarding Graphs)
VNPaaS (Virtual Network Platform as a Service
Mobile Use Cases Virtualization of Mobile Core Network and IMS
Virtualization of Mobile Base Station
Content Delivery Use Cases Virtualization of CDNs
Access/Residential UC Virtualization of Home Environment
Fixed Access Network Functions Virtualization

Use Case Matrix – 4 big large themes, and 9 related use cases
Reference: ETSI NFV UC
 NFV Infrastructure as a Service
(NFVIaaS)
• Cloud Computing Services are typically offered to
consumers in one of three service models
– Infrastructure as a Service (IaaS)
– Platform as a Service (PaaS)
– Software as a Service (SaaS)
• IaaS is defined as the capability to offer to consumers
processing, storage and fundamental computing resources
• Some literature also refers to a capability to offer network
connectivity services as Network as a Service (NaaS). One
application for NaaS appears to be the on demand creation
of network connectivity between Cloud Service Provider
and Customer

Reference: ETSI NFV UC

 NFV Infrastructure as a Service
(NFVIaaS)
NFV Infrastructure :
• provide the capability or
functionality of providing an
environment in which Virtualized
network functions (VNF) can
execute

• NFVIaaS provides compute

capabilities comparable to an IaaS
cloud computing service as a run
time execution environment as
well as support the dynamic
network connectivity services
that may be considered as
comparable to NaaS Source: ETSI NFV UC
NFVIaaS: Multi-domain Example

Source: ETSI NFV UC

 VNFaaS Motivation: CPE e PE
Pre-NFV service provider networks include a Provider Edge (PE) router at the
edge of the core, facing the Customer Premises Equipment (CPE) device

Source: ETSI NFV UC

Virtual Network Functions as a Service
(VNFaaS)
• Substantial saving may be possible by moving routing functionality
from purpose-built routers to equivalent functionality
implemented in COTS hardware environments providing cloud
computing capabilities such as the NFVI

• Rather than the Enterprise investing its own capital in deployment

of networking infrastructure, the service provider may be able to
provide advanced networking features as a measured service

• The service provider could operate a VNF instance using its NFVI
which provides the functionality required to implement the
enterprise CPE and potentially another VNF instance for the control
plane of the PE router improving its scalability
 VNFaaS

Physical CPE & vE-CPE

(routing, VPN termination,
QoS support, DPI, NG-FW and
a WOC (WAN Optimization
Controller)

vCPE functionality in many locations

Source: ETSI NFV UC

 Virtual Network Platform as a Service
(VNPaaS)
• Network resources are more and more often not
exclusively used by the operator

• Platform as a Service (PaaS) as the possibility for

the consumer to deploy his own applications using
the computing platform supported by the provider

• Service Provider provides a toolkit of networking

and computing infrastructure as well as
potentially some VNFs as a platform for the
creation of virtual network
i.e. a Virtual Network Platform as a Service
 VNPaaS
The VNPaaS is similar to
the VNFaaS, but differs
mainly in the scale of the
service and
programmability

VNPaaS provides a larger

scale service typically
providing a virtual network
rather than a single virtual
network function.

Source: ETSI NFV UC

 Mobile Core Network and IMS
• Mobile networks are populated with a large
variety of proprietary hardware appliances

• Flexible allocation of Network Functions on such

hardware resource pool could highly improve
network usage efficiency

• Accommodate increased demand for particular

services (e.g. voice) without fully relying on the
call restriction control mechanisms in a large-
scale natural disaster scenario such as the Great
East Japan Earthquake
 v-EPC and use cases for v-IMS
• Examples of Network
Functions include MME,
S/P-GW, etc
• This use case aims at
applying virtualization to
the EPC, the IMS, and these
other Network Functions
mentioned above
v-EPC

Partial NFV Deployment

VNF relocation
Source: ETSI NFV UC
 Virtualization of Mobile Base Station
• Mobile network traffic is significantly increasing by the
demand generated by application of mobile devices, while
the ARPU (revenue) is difficult to increase

• LTE is also considered as radio access part of EPS (Evolved

Packet System) which is required to fulfill the requirements
of high spectral efficiency, high peak data rates, short
round trip time and frequency flexibility in radio access
network (RAN)

• Virtualization of mobile base station leverages IT

virtualization technology to realize at least a part of RAN
nodes onto standard IT servers, storages and switches
 Virtualization of Mobile Base Station

Functional blocks in C-RAN

LTE RAN architecture evolution by centralized BBU pool

(Telecom Baseband Unit)
Source: ETSI NFV UC
 Virtualization of CDNs
• Delivery of content, especially of video, is one of the
major challenges of all operator networks due to
massive growing amount of traffic to be delivered to end
customers of the network

• Integrating nodes of Content Delivery Networks into

operator networks can be an effective and cost-efficient
way to answer to the challenges of Video Traffic Delivery

• CDN providers ask operators to deploy their

proprietary cache nodes into the ISP network (e.g.
Netflix OpenConnect program, Akamai Aura CDN). This
comes with benefits for both sides but also with the
challenge that eventually the operators will host a zoo
of different cache devices side by side in their premises
 vCDN

Principle of different vCDN cache nodes deployment in Virtualised environment

Source: ETSI NFV UC
 Home Environment
• Current network operator provided home
services are architected using network-located
backend systems and dedicated CPE devices
located as part of the home network.
• These CPE devices mark the operator and/or
service provider presence at the customer
premises and usually include:
– Residential Gateway (RGW) for Internet
– VOIP services, and a
– Setup Box (STB) for Media services normally
supporting local storage for PVR services
 Simplifying Operation and
Service Deployment
FROM…
Home environment Network environment

STB
CPE

NAT TR-069
IPv4 UPnP FW

DHCP Access Point Switch Modem

Operation and service

… TO deployment are greatly Network environment
simplified

Home environment
STB
CPE FW
UPnP
IPv4/IPv6
Access Point Switch Módem TR-069
IPv6 only needed in DHCP NAT
network environment
Simplification removes all
incompatibilities with IPv6
Source: Telefonica I+D
Virtual Residential Gateway

Source: NEC
 Fixed Access NFV
• Main costs and bottlenecks in a network often
occur in the access.
– For the wireline fixed access network, the most
prevalent broadband access technologies today are
based on DSL, with the most widely deployed variant
being ADSL2+ which has a maximum downstream bit
rate of ~26 Mb/s.

• The trend however is to replace exchange-based

equipment with equipment based on VDSL2 in
new street cabinets with fiber backhaul (FTTcab)
 Access Networks Virtualization
Target Network functions
for virtualization may
include control functions
from:

OLT
DSLAM
ONU
ONT
MDU
DPU

Access Network Functions Virtualization will be

Source: ETSI NFV UC initially applied to hybrid fiber-DSL nodes such as FTTcab and FTTdp
Proof-of-Concepts
NFV
 Proof of Concepts
ETSI Evaluation Process

Source: ETSI Ongoing PoC

http://nfvwiki.etsi.org/index.php?title=On-going_PoCs PoCs NFV ISG Diagram
 Proof of Concepts – PoCs Completed
• PoC#1 - CloudNFV Open NFV Framework Project • PoC#6 - Virtualised Mobile Network with
– Telefonica - Sprint - 6WIND - Dell - EnterpriseWeb –
Integrated DPI
Mellanox - Metaswitch - Overture Networks - Qosmos - – Telefonica - Intel - Tieto - Qosmos - Wind River
Huawei - Shenick Systems - Hewlett Packard
• PoC#2 - Service Chaining for NW Function Selection in• PoC#7 - C-RAN virtualisation with dedicated
Carrier Networks hardware accelerator
– NTT - Cisco - HP - Juniper Networks – China Mobile - Alcatel-Lucent - Wind River
Systems - Intel
• PoC#3 - Virtual Function State Migration and
Interoperability • PoC#8 - Automated Network Orchestration
– AT&T - BT - Broadcom Corporation - Tieto Corporation – Deutsche Telekom - Ericsson - x-ion GmbH -
Deutsche Telekom Innovation Laboratories
• PoC#4 - Multi-vendor Distributed NFV
• PoC#9 - VNF Router Performance with DDoS
– CenturyLink - Certes - Cyan - Fortinet - RAD
Functionality
• PoC#11 - Multi-Vendor on-boarding of vIMS on a – AT&T - Telefonica - Brocade - Intel – Spirent
cloud management framework
• PoC#12 - Demonstration of multi-location,
– Deutsche Telekom - Huawei Technologies - Alcatel-Lucent
scalable, stateful Virtual Network Function
• PoC#5 - E2E vEPC Orchestration in a multi-vendor – NTT - Fujitsu - Alcatel-Lucent
open NFVI environment
– Telefonica - Sprint - Intel - Cyan - Red Hat - Dell -
Connectem
 Proof of Concepts – PoCs Completed
• PoC#14 - ForCES Applicability for NFV and integrated • PoC#23 - E2E orchestration of virtualized LTE
SDN core-network functions and SDN-based
– Verizon - Telefonica - Mojatatu Networks - Cumulus
dynamic service chaining of VNFs using VNF
Networks - University of Patras FG
• PoC#15 - Subscriber Aware SGi/Gi-LAN Virtualization – SK Telecom - Hewlett Packard - Samsung -
Telcoware
– Telenor - ConteXtream - SkyFire Networks - Guavus -
Redhat - HP • PoC#29 - Service orchestration for virtual
CDN service over distributed cloud
• PoC#16 - NFVIaaS with Secure, SDN-controlled WAN
management platform
Gateway
– KINX - IN-Soft - PIOLINK - ETRI
– AT&T - Telecom Italia - Netronome - Intel - ServiceMesh -
PLUMgrid - Cisco Systems • PoC#33 - Scalable Service Chaining
• PoC#19 - Service Acceleration of NW Functions in Technology for Flexible Use of Network
Carrier Networks Functions
– AT&T - Ericsson - Avago Technologies - ARM - Tieto - – NTT - ALAXALA Networks - Hitachi - Cisco
Procera Systems - NEC - Alcatel-Lucent

• PoC#22 - Demonstration of High Reliability and

Availability aspects in a Multivendor NFV Environment
– AT&T - KDDI R&D Laboratories - Brocade - Hewlett
Packard - Wind River System
 Proof of Concepts – PoCs OnGoing
• PoC#13 - SteerFlow: Multi-Layered Traffic Steering for • PoC#21 - Network Intensive and Compute
Gi-LAN Intensive Hardware Acceleration
– Telefonica - Vodafone - Radware - HP - Melanox – BT - Huawei - EZChip - AMD - Tilera - Altera -
Broadcom - EANTC - Ixia
• PoC#17 - Operational Efficiency in NFV Capacity
• PoC#24 - Constraint based Placement and
Planning, Provisioning and Billing
Scheduling for NFV/Cloud Systems
– BT - MetraTech Corp - Huawei
– AT&T - DT - Brocade - IBM - Red Hat - VMware
• PoC#18 - VNF Router Performance with Hierarchical
• PoC#25 - Demonstration of Virtual EPC
Quality of Service Functionality
(vEPC) Applications and Enhanced Resource
– Telefonica - BT - Brocade - Intel - Spirent
Management
• PoC#20 - Virality based content caching in NFV – Vodafone - AMD - ARM - Aricent
framework
• PoC#26 - Virtual EPC with SDN Function in
– BT - Telefonica - Brocade - IBM Research - AMD
Mobile Backhaul Networks
– Telecom Italia - Nokia Networks - EXFO -
Coriant - Aalto University
 Proof of Concepts – PoCs OnGoing
• PoC#27 - VoLTE Service based on vEPC and vIMS • PoC#32 - Distributed Multi-domain Policy
Architecture Management and Charging Control in a
– China Unicom - ZTE Corporation - Hewlett Packard virtualised environment
– Vodafone - Openet - Red Hat - Intel - Procera –
Amartus
• PoC#28 - SDN Controlled VNF Forwarding Graph
– DT - Vodafone - Huawei - Freescale - Qosmos –
Netronome - MRV - Corsa - Riverbed - BlueCoat - Ixia – • PoC#34 - SDN Enabled Virtual EPC Gateway
ONF – Telenor - Vodafone - ConteXtream - ImVision
Tech - Mavenir - Redhat - Hewlett Packard
• PoC#30 - LTE Virtualized Radio Access Network (vRAN)
– SK Telecom - Nokia – Intel • PoC#35 - Availability Management with
Stateful Fault Tolerance
– ATT - iBasis- NTT - Stratus Technologies -
• PoC#31 - STB Virtualization in Carrier Networks Aeroflex - Brocade - Allot
– Cablelabs - Netzyn - Samsung - ARM - Freescale
 PoC#1 - CloudNFV
Dell Lab infrastructure for CloudNFV

Source: ETSI Ongoing PoC

http://nfvwiki.etsi.org/index.php?title=On-going_PoCs
 PoC#2 - Service Chaining for NW
Function Selection in Carrier Networks

vDPI: CSR 1000v (Cisco Systems)

vCPE: VSR1000 (Hewlett-Packard)
vFW: FireFly (Juniper Networks)
VIM (NW Controller): Service Chaining
Function (prototype) + Ryu (NTT) Source: ETSI Ongoing PoC
 PoC#3 - Virtual Function State
Migration and Interoperability
• Different Hardware BUT Portable Software
• Open Source + Linux + KVM
• Recompiling with GCC or LLVM - Low Level Virtual Machine

Source: ETSI Ongoing PoC

 PoC#4 - Distributed-NFV
PoC are being developed based on
centralized NFVI architectures and
centralized VNF deployment

However, there is also a need to

deploy some functions out at the
customer edge. The ability to
support the deployment of
virtualized functions at the customer
edge requires a Distributed NFV
(D-NFV) architecture

Omniscient D-NFV orchestrator

handles all VNFs and virtual
machine (VM) infrastructure,
wherever they may be located, and
exploits SDN-like mechanisms to
achieve optimal VNF placement
Source: ETSI Ongoing PoC
 PoC#11 - Multi Vendor on-boarding of
vIMS on Cloud Management Frame
Scenario 1 – One-click service deployment.
IMS service is provided by several 3GPP Network
Functions, such as CSC, HSS, MMTel, etc. These functions, all
from Huawei, are virtualized. With the pre-defined
templates and scripts, all functions can be deployed
automatically, onto the cloud platform provided by DT and
ALU.
Scenario 2 – Auto-scaling of VNF
Traffic load generator by a simulator increases and pushes
up the workload of the VNF. When the workload exceeds
the pre-defined threshold, additional resources (VM) are
automatically allocated. In situations of reducing VNF
capacity due to decreasing traffic load, similar in reverse
direction
Scenario 3 – Automated healing of VNF
When a VM containing a component of a VNF (VNFC) fails, a
new VM will be automatically allocated and created with
appropriate component instantiated on it. This process heals
the VNF with no service interruption.

CloudBand is the Alcatel-

Source: ETSI Ongoing PoC Lucent Cloud Platform
 PoC#14 - ForCES Applicability for NFV
and integrated SDN

Source: ETSI Ongoing PoC

PoC #21 - Network Intensive and Compute
Intensive Hardware Acceleration
• Acceleration helps to
reduce required compute
resources
– Less power/cooling
– Less space due to high
density (5U to 1U)
– Less delay and jitter (no
inter-CPU latency)
– Predictable performance
(hardware granularity)
– High performance
cryptography and security

Source: IETF SDN-RG

 PoC#34 - SDN Enabled Virtual EPC
Gateway

Source: ETSI Ongoing PoC (draft)

Quick overview on remarkable enabling technologies of NFV

ENABLING TECHNOLOGIES
 Enabling Technologies
• Minimalistic OS
– ClickOS
• Improving Linux I/O
– Netmap, VALE, Linux NAPI
• Programmable virtual switches / bridges
– Open vSwitch
• Exploiting x86 for packet processing Image source: ClickOS

– Intel DPDK
• Some example start-ups
– LineRate Systems, 6WIND, Midonet, Vyatta (bought by BCD)

Image source: NEC

Middlebox World
Linux Containers

Docker LXC

Image source: Linux Container Brief for

IEEE WG P2302, Boden Russell
 MiniOS - ClickOS Architecture
Martins, J. et al. Enabling Fast, Dynamic Network Processing with ClickOS. HotSDN 2013.

• Build small system using MiniOS (5MB

images)
• Emulate CLICK Modular Router
control plane over MiniOS/Xen
• Reduce boot times (30 ms)
• Optimized for 10Gbps data planes
 ClickOS boot costs and performance

Martins, J. et al. Enabling Fast, Dynamic Network Processing with ClickOS. HotSDN 2013.
 Performance Analysis
(low performance) without netmap

Idea: use netmap

Martins, J. et al. Enabling Fast, Dynamic Network Processing with ClickOS. HotSDN 2013.
 Netmap
• High Performance packet I/O
framework
– 14.88 Mpps on 1 core at 900 Mhz
• Available in FreeBSD 9+ and Linux
• Minimum device driver
modifications
– critical resources (NIC registers,
physical buffer addresses and
descriptors) not exposed to the
user
– NIC works in special mode,
bypassing the host network stack
• Amortize syscalls cost by using
large batches
• Preallocated packet buffers and
memory mapped to userspace
 Intel DPDK
• Supported since Intel Atom up to latest Intel Xeon
• 32-bit and 64-bit with or without NUMA
• No limit on the number of cores or processors
• Ideal DRAM allocation for all packets pipelines
• Several examples of networking software that
show the performance improvement
– Best practices for software architecture
– Tips on modeling and storing data structures
– Help compiler to improve the network code
– Reach levels up to 80Mpps per socket of CPU
 Intel DPDK
• Optimized NIC Drivers in the user-space
• Drivers 1/10Gbps
• BSD License
• Source code available in Intel website (and others)

Source: Intel Data Plane Development Kit

(Intel DPDK) Overview – Packet Processing
on Intel Architecture
 Intel DPDK
Buffer and Memory Manager
• Manage the allocation of objects non-NUMA
using hugepages through rings, reducing TLB
access, also, perform a pre-allocation of fixed
buffer space for each core
Queue Manager
• Implements lockless queues, allow packets to
be processed by different software
components with no contention
Flow Classification
• Implements hash functions from information
tuples, allow packets to be positioned rapidly
in their flow paths. Improves throughput
Pool Mode Driver
• Temporary hold times thus avoiding raise NIC
interruptions
 Vyatta vRouter: Value Proposition

Source: Kelly Herrel (Brocade)

 Vyatta: Current Architecture (5400)

Source: Kelly Herrel (Brocade)

 Vyatta: Architecture (5600)

Source: Kelly Herrel (Brocade)

 OpenStack
OpenStack is a global collaboration of developers and cloud computing
technologists producing the ubiquitous open source cloud computing
platform for public and private clouds.
The project aims to deliver solutions for all types of clouds by being simple to
implement, massively scalable, and feature rich. The technology consists of a
series of interrelated projects delivering various components for a cloud
infrastructure solution.

Source: Openstack.org
Network Function
Virtualisation - NFV
Ubuntu Cloud Portfolio Mapped to
ETSI-NFV framework
 Blueprints in Juno and beyond
• 2 interfaces from 1 VM on • VLAN trunking networks for
same network NFV
• SR-IOV Networking Support • VLAN tagged traffic possible
• Virt driver guest vCPU over tenant network
topology configuration • From VLAN trunks to virtual
• Evacuate instance to networks
scheduled host • VLAN tagged traffic
redirected to a physical
appliance
• management VLANs on
ports as sub-ports
• Allow interfaces with no
address for NFV
Enabling tech: ARM
 Heterogeneous System on a Chip
(SoCs) in the Intelligent Flexible Cloud
 OPNFV
• The open source project aims to build a reference platform for
the NFV framework that was defined by ETSI.

Source: https://www.opnfv.org
 Conclusions
1. NFV aims to reduce OpEx by automation and scalability provided
by implementing network functions as virtual appliances
2. NFV allows all benefits of virtualization and cloud computing
including orchestration, scaling, automation, hardware
independence, pay-per-use, fault-tolerance, …
3. NFV and SDN are independent and complementary. You can do
either or both.
4. NFV requires standardization of reference points and interfaces
to be able to mix and match VNFs from different sources
5. NFV can be done now. Several of virtual functions have already
been demonstrated by carriers.
 References / Acknowledgements
• ETSI NFV ISG, http://portal.etsi.org/portal/server.pt/community/NFV/367
• Diego R. Lopez, Telefónica I+D, NFV ISG Technical Manager, Network Functions Virtualization -
Beyond Carrier-grade Clouds
• Raj Jain, Introduction to Network Function Virtualization (NFV),
http://www.cse.wustl.edu/~jain/cse570-13/m_17nfv.htm
• M. Cohn, “NFV Insider’s Perspective, Part 2: There’s a Network in NFV –The Business Case for SDN,”
Sep 2013, http://www.sdncentral.com/education/nfv-insiders-perspective-part-2-theres-network-nfv-
business-case-sdn/2013/09/
• M. Cohn, “NFV Group Flocks to Proof-of-Concept Demos,” Aug 2013,
http://www.sdncentral.com/technology/nfv-group-flocks-to-proof-ofconcept-models/2013/08/
• W. Xu, et al., “Data Models for NFV,” IETF Draft, Sep 2013, http://tools.ietf.org/html/draft-xjz-nfv-
model-datamodel-00
• CloudNFV, http://www.cloudnfv.com/page1.html
• Project Clearwater, http://www.projectclearwater.org/
• B. Briscoe, et al., “NFV,” IETF, March 2012, http://www.ietf.org/proceedings/86/slides/slides-86-sdnrg-
1.pdf
• Intel, “Open simplified Networking Based on SDN and NFV,” 2013, 7 pp.,
http://www.intel.com/content/dam/www/public/us/en/documents/whitepapers/sdn-part-1-
secured.pdf
• J. DiGiglio, and D. Ricci, “High Performance, Open Standard Virtualization with NFV and SDN,”
http://www.windriver.com/whitepapers/ovp/ovp_whitepaper.pdf
 Acronyms
• API Application Programming Interface
• BRAS Broadband Remote Access Server
• BSS Business Support Systems
• CapEx Capital Expenditure
• CDN Content Distribution Network
• CGNAT Carrier-Grade Network Address Translator
• CGSN Combined GPRS Support Node
• COTS Commercial-off-the-shelf
• DDIO Data Direct I/O Technology
• DHCP Dynamic Host control Protocol
• DPI Deep Packet Inspection
• EMS Element Management System
• ETSI European Telecom Standards Institute
• GGSN Gateway GPRS Support Node
• GPRS
• HLR Home Location Register
• IaaS Infrastructure as a Service
 Acronyms
• IETF Internet Engineering Task Force
• IMS IP Multimedia System
• INF Architecture for the virtualization Infrastructure
• IP Internet Protocol
• ISG Industry Specification Group
• LSP Label Switched Path
• MANO Management and orchestration
• MME Mobility Management Entity
• NAT Network Address Translation
• NF Network Function
• NFV Network Function Virtualization
• NFVI Network Function Virtualization Infrastructure
• NFVIaaS NFVI as a Service
• NIC Network Interface Card
• OpEx Operational Expences
• OS Operating System
 Acronyms
• OSS Operation Support System
• PaaS Platform as a Service
• PE Provider Edge
• PGW Packet Data Network Gateway
• PoC Proof-of-Concept
• PoP Point of Presence
• PSTN Public Switched Telephone Network
• QoS Quality of Service
• REL Reliability, Availability, resilience and fault tolerance group
• RGW Residential Gateway
• RNC Radio Network Controller
• SaaS Software as a Service
• SBC Session Border Controller
• SDN Software Defined Networking
• SGSN Serving GPRS Support Node
• SGW Serving Gateway
 Acronyms
• SIP Session Initiation Protocol
• SLA Service Level Aggrement
• SWA Software architecture
• TAS Telephony Application Server
• TMF Forum
• vEPC
• VM Virtual Machine
• VNF Virtual Network Function
• VNFaaS VNF as a Service
• vSwitch Virtual Switch
• VT-d Virtualization Technology for Direct IO
• VT-x Virtualization Technology
BACKUP
NFV ISG PoC NFV Use Case Operators Vendors

CloudNFV Open NFV Framework Use Case #5 Virtualization of the Mobile Sprint 6Wind, Dell
Core and IMS Telefonica Enterprise Web
Huawei, Mellanox
Overture, Qosmos
Service Chaining for NW Function Use Case #2 NTT Cisco, HP
Selection in Carrier Networks Virtual Network Function as a Service Juniper
(VNFaaS)
Use Case #4
Virtual Network Forwarding Graphs
Virtual Function State Migration and Use Case #1 AT&T Broadcom
Interoperability NFV Infrastructure as a Service (NFVIaaS) BT Tieto

Multi-vendor Distributed NFV Use Case #2 CenturyLink Certes

VNFaaS Cyan
Use Case #4 Fortinet
Virtual Network Forwarding Graphs RAD
E2E vEPC Orchestration in a multi-vendor Use Case #1 Sprint Connectem
open NFVI environment NFVIaaS Telefonica Cyan
Use Case #5 Virtualization of the Mobile Dell
Core and IMS Intel
Virtualised Mobile Network with Use Case #2 Telefonica HP
Integrated DPI VNFaaS Intel
Use Case #5 Virtualization of the Mobile Qosmos
Core and IMS Use Case #6 Virtualisation Tieto
of Mobile base station Wind River
C-RAN virtualisation with dedicated Use Case #6 Virtualisation of Mobile base China Mobile Alcatel-Lucent
hardware accelerator station Intel
Wind River
Automated Network Orchestration Use Case #1 Deutsche Telekom Ericsson
NFVIaaS x-ion
VNF Router Performance with DDoS Use Case #2 AT&T Brocade
Functionality VNFaaS Telefonica Intel
Wind river carrier grade
communication server
Dell NFV Platform
Cloudband and redhat architecture
mapped to ETSI-NFV framework
CloudBand network support, leveraging Nuage
Networks VSP as the SDN controller (WIM)
INDEPENDENT POCS
 OpenNaaS
• OpenNaaS is an open source platform for provisioning network resources.
– It allows the deployment and automated configuration of dynamic network
infrastructures and defines a vendor-independent interface to access services
provided by these resources
• OpenNaaS provides support for a variety of resources such as:
– optical switches, routers, IP networks and Bandwidth on Demand domains,
– but, more importantly, it is easy to add new resources and their capabilities as
an extension
• The core development team is part of Professional Services of the DANA
department at i2CAT Foundation (Mantychore FP7)
 OpenNaaS Architecture
Intelligence Layer
common web services
connectors for open source
cloud management

Abstract Resource Layer

NaaS resides

Single CLI for Resources

Reusable Building Blocks

The platform is based on a OSGI (Open Service

Gateway initiative) R4 component container
 EANTC-NFV Showcase
• European Advanced Networking Test Center
(EANTC Berlin, Germany)
– Vendor independent network quality assurance
since 1991
– Test and certification of network components for
manufacturers
– Network design consultancy and proof of concept
testing for service providers
EANTC-NFV Multi-Vendor
NFV Showcase
NFV Showcase
 EANTC – NFV ShowCases
Metavswitch Procera Deep
Huawei VNF
Forwarding Graphs Perimeta Session Packet Inspection
and Carrier Grade NAT Border Controller
• The CG-NAT service intends to • Metaswitch selected to • Procera explained that the
provide a solution for the showcase their Perimeta Virtualized PacketLogic
increasing shortage of IPv4 Session Border Controller solution enable network
addresses and transition to (SBC) Virtual Network operators to deploy
IPv6, by implementing nearly Function as a Service use Internet Intelligence
any NAT and IPv4-via-IPv6 case. pervasively throughout
technique. The Service Chains • It uses the concept behind their infrastructure.
make it possible to chain DPI, NFV to provide • The solution demonstrated
Parental Controls or other independent distribution the policy enforcement
similar functions for flexible and scaling of its signaling capabilities of the
services. (SSC) and media (MSC) PacketLogic solution
components. including application
identification, traffic
management, and
intelligent charging in an
NFV environment.
NFV Requirements Verified During the Tests

• Instantiation and
Provisioning
– Creation and
configuration of virtual
network functions
• Portability
– Moving VNF across
hardware
• Elasticity
– Adjusting resources to
the VNF load
 EANTC – NFV ShowCases
Metavswitch Procera Deep
Huawei VNF
Forwarding Graphs Perimeta Session Packet Inspection
and Carrier Grade NAT Border Controller
• The CG-NAT service intends to • Metaswitch selected to • Procera explained that the
provide a solution for the showcase their Perimeta Virtualized PacketLogic
increasing shortage of IPv4 Session Border Controller solution enable network
addresses and transition to (SBC) Virtual Network operators to deploy
IPv6, by implementing nearly Function as a Service use Internet Intelligence
any NAT and IPv4-via-IPv6 case. pervasively throughout
technique. The Service Chains • It uses the concept behind their infrastructure.
make it possible to chain DPI, NFV to provide • The solution demonstrated
Parental Controls or other independent distribution the policy enforcement
similar functions for flexible and scaling of its signaling capabilities of the
services. (SSC) and media (MSC) PacketLogic solution
components. including application
identification, traffic
management, and
intelligent charging in an
NFV environment.
NFV Showcase
Intel/HP/Wind River Accelerated vSwitch

• Combined Intel
DPDK, Wind River
OVP, and HP
hardware
• Reported 10x
performance gain in
packet switching by
bypassing the
vSwitch in the Linux
kernel
• Provides a
"horizontal"
platform that can be
used across multiple
use cases emerging
for both SDN and
NFV