Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (20)
Similar to Nfv
Similar to Nfv (20)
Recently uploaded
Recently uploaded (20)
Nfv
- 1. Network Functions Virtualization Network Services as a Software 1 AHMAD HIJAZI – 00961 71238330 Lebanese University, Université Toulouse III - Paul Sabatier Systèmes de Télécommunications & Réseaux Informatiques (STRI) 5 January 2017AHMAD HIJAZI
- 2. What will be discussed? Introduction Definition Fields of Applications NFV and SDN NFV Basic Diagram NFV Architecture NFV MANO Use Cases Challenges 2AHMAD HIJAZI
- 9. Introduction Hardware-based appliances are rapidly reaching end of life. NFV aims to address the problem of costly hardware by leveraging IT virtualization technology Consolidate many network equipment types onto high volume servers, switches and storage, which could be located in Datacenters and Service Providers. NFV lead to significant reductions in Operating Expenses (OPEX) and Capital Expenses (CAPEX). NFV facilitate the deployment of new services with increased agility and faster time-to-value. 9AHMAD HIJAZI
- 11. History Concept and collaborative work on NFV was born in October 2012. Number of the world’s leading TSPs authored a white paper calling for industrial and research action. In November 2012 seven of these operators (AT&T, BT, Deutsche Telekom, Orange, Telecom Italia, Telefonica and Verizon) selected the European Telecommunications Standards Institute (ETSI) to be the home of the Industry Specification Group for NFV (ETSI ISG NFV). 11AHMAD HIJAZI
- 12. Who is deploying NFV? Many of the leading service providers, including: AT&T Telefonica NTT CenturyLink Telecom Italia China Mobile 12AHMAD HIJAZI
- 13. Definition NFV involves the implementation of network function in software that can run on standard server hardware Traditional CPE Possible CPE Implementation with NFV 13AHMAD HIJAZI
- 15. Fields of Applications Switching elements: BNG, CG-NAT, routers. Mobile network nodes: HLR/HSS, MME, SGSN, GGSN/PDN-GW, RNC, Node B, eNode B. Functions contained in home routers and set top boxes to create virtualized home environments. Tunnelling gateway elements: IPSec/SSL VPN gateways. Converged and network-wide functions: AAA servers, policy control and charging platforms. Application-level optimisation: CDNs, Cache Servers, Load Balancers, Application Accelerators. Security functions: Firewalls, virus scanners, intrusion detection systems, spam protection. 15AHMAD HIJAZI
- 16. Enablers for NFV Cloud Computing Virtualization (Hypervisors) Virtual Ethernet Switch (Vswitch) Availability of open APIs (OpenFlow, OpenStack, OpenNaaS or OGF’s NSI) Industry Standard High Volume Servers server built using standardized IT components (for example x86 architecture) 16AHMAD HIJAZI
- 17. NFV and SDN 17AHMAD HIJAZI
- 18. NFV and SDN NFV is highly complementary to Software Defined Networking (SDN). Both use controller concepts for Operations and Administration (OAM). But Not Dependent on each other! SDN NFV Born in Campus, Matured in Data Center Created by Service Providers Is about separating control plane from data plane. Is about separating Network Functions (NAT, DHCP, etc.) from hardware “Software” DEFINES what the network will BE Network functions defines the network How system will handle traffic How network functions will be handled Operates the forwarding layer in a network Focused on network appliances OpenFlow Protocol No Protocol Targets commodity servers and switches Targets commodity servers and switches 18AHMAD HIJAZI
- 19. NFV and SDN Software Defined Network Networking enabled by software control Network Functions Virtualization Network services as a Software 19AHMAD HIJAZI
- 20. NFV Basic Diagram Hardware Hypervisor OS OS OS OS OS OS APP APPAPPAPPAPPAPP 20AHMAD HIJAZI
- 22. Architecture Main components of the NFV architecture: NFVI Virtualized (compute, storage, and network) and its corresponding physical (compute, storage, and network) resources. The execution environment for the VNFs. VNF domain The virtualized network functions and their management interface(s). NFV Management and Orchestration Lifecycle management of the physical and virtual resources that comprise the NFV environment. 22AHMAD HIJAZI
- 24. NFV Infrastructure (NFVI) Combination of both hardware and software resources. Physical resources include • commercial-off the-shelf (COTS) computing hardware • storage and network (made up of nodes and links) • Provides processing, storage and connectivity to VNFs • Presented in one or more Virtual Machines Virtual resources are abstractions achieved using a virtualization layer (based on a hypervisor). • Virtual Links • Virtual nodes • Virtual node is a software component with either hosting or routing functionality (OS encapsulated in VM) • Virtual Link is a logical interconnection of two virtual nodes. 24AHMAD HIJAZI
- 25. NFV Infrastructure (NFVI) Compute Domain • Computational and storage resources Hypervisor Domain • Abstracts the physical resources of compute domain to virtual domain (Virtual Machine) Network Domain • VNFC to VNFC communication if they are geographically separated • Communication of Orch. And Management with VNF/VNFC • Communication between different VNFs 25AHMAD HIJAZI
- 26. Virtual Network Functions Functional block that has external interfaces and functional behavior. Residential Gateway, DHCP, Firewalls, NAT … Deployed on virtual resources such as a VM Single VNF may be composed of multiple internal components • Hence can be deployed over multiple VMs 26AHMAD HIJAZI
- 27. Virtual Network Functions VNF contains VNFC 27AHMAD HIJAZI
- 28. NFV MANO Provides the functionality required for the provisioning of the VNFs Configuring VNFs and the infrastructure these functions run on Includes databases that are used to store the information and data models which defines Deployment Functions Services Resources 28AHMAD HIJAZI
- 31. VIM Virtualized Infrastructure Manager Manages life cycle of virtual resources in an NFVI domain Create Maintain Tear down Virtual machines from physical resources Resource management of compute, memory, and network Allocation of virtualization enables. (E.g. VMs to hypervisors) Increase resource to VMs when needed Collection of information for capacity planning, monitoring and optimization Performance and fault management of hardware, software and virtual resources. 31AHMAD HIJAZI
- 32. VIM NFV architecture may contain more than one VIM 32 NFV MANO Compute VIM Storage VIM Network VIM AHMAD HIJAZI
- 33. VNF Manager (VNFM) Responsible for VNF lifecycle management • Instantiation • Update • Query • Scaling • Termination Multiple VNF mangers my be deployed VNF manager may be deployed for each VNF VNF manager may serve multiple VNFs scales up/down VNFs which results in scaling up and scaling down of CPU usage. 33AHMAD HIJAZI
- 35. VNF Manager (VNFM) Resource allocation requests by the VNF Manager 35 Vi-Vnfm Exchanging information Events Measurements Results Usage Records Forwarding to VNFM AHMAD HIJAZI
- 36. NFV Management & Orchestrator There may be multiple VIMs managing respective NFVI domains Challenge 1 Who manages/coordinates the resources from different VIMs, when there are multiple VIMs in same or different PoPs (Point of Presence)? There may be multiple VNFMs managing their respective VNFs Challenge 2 Who manages/coordinates the creation of an end to end service that involves VNFs from different VNFMs domains? 36AHMAD HIJAZI
- 37. NFV Management & Orchestrator Resource Orchestration NFVO coordinates, authorizes, releases and engages NFVI resources among different PoPs or within one PoP. This does so by engaging with the VIMs directly through their north bound APIs instead of engaging with the NFVI resources, directly. This directly overcomes challenge no 1, i.e. resource allocation from different VIMs. Service Orchestration Service Orchestration overcomes the challenge no 2, i.e. creation of end to end service among different VNFs It achieves this by coordinating with the respective VNFMs so it does not need to talk to VNFs directly. Can instantiate VNFMs, where applicable. 37AHMAD HIJAZI
- 38. NFV Management & Orchestrator On-boarding of new network services and VNFs packages Validation and authorization of NFVI resource requests Manages resources (compute, storage and networking) to be utilized among VIMs in case there are multiple VIMs in network If there are multiple VNFs, orchestrator will enable creation of end to end service over multiple VNFs. 38AHMAD HIJAZI
- 39. NFV Management & Orchestrator Or-Vnfm NFVI resource authorization NFVI resource reservation VNF instance update VNF scale out/in up/down Forwarding Events NFVI resource allocation/ releasing 39AHMAD HIJAZI
- 41. NFV MANO Repositories VNF Catalog VNF Catalog is a repository of all usable VNFDs (VNF Descriptor). VNFD is a deployment template which describes a VNF in terms of its deployment and operational behavior requirements. Primarily used by VNFM in the process of VNF instantiation and lifecycle management of a VNF instance. Information provided in the VNFD is also used by the NFVO to manage and orchestrate Network Services and virtualized resources on NFVI. 41AHMAD HIJAZI
- 42. NFV MANO Repositories Network Services (NS) Catalog This is the catalog (list) of the usable Network services. A set of pre-defined templates, which define how services may be created and deployed, as well as the functions needed for the service and their connectivity for future use. NFV Instances Holds all details about Network Services instances through their lifetime NFVI Resources A repository of NFVI resources that holds information about available/allocated NFVI resources 42AHMAD HIJAZI
- 43. EMS Element Management System EM is not part of the MANO but if it is available, it needs to coordinate with VNFM so it is important to know about it. Responsible for the FCAPS management of VNF Fault Configuration Accounting Performance Security management Responsible for managing VNFs operations through an interface EMS can manage multiple VNFs EMS itself can be a VNF 43AHMAD HIJAZI
- 46. Compute, Memory and Network 46 Physical Part of NFVI Commodity servers AHMAD HIJAZI
- 47. OSS/BSS OSS ( Operations Support System ) • Software and hardware apps that support back-office activities which operate in a telco’s network BSS ( Business Support System ) • Software apps that supports customer-facing activities (billing, order management, call center automation …) 47AHMAD HIJAZI
- 49. VNFC Communications Scenario 1: Through Hardware Switch Scenario 2: Through vSwitch in Hypervisor 49AHMAD HIJAZI
- 50. NFV Use Cases 50AHMAD HIJAZI
- 51. Use Case 1 - NFVIaaS Network Functions Virtualization Infrastructure as a Service Cloud Computing Services are typically offered to consumers by SaaS (Software as a Service) PaaS (Platform as a Service) IaaS (Software as a Service) NaaS (Network as a Service) NFVI provide compute capabilities comparable to an IaaS cloud computing service as a run time execution environment. NFVI support the dynamic network connectivity services that is comparable to NaaS. 51AHMAD HIJAZI
- 52. Use Case 1 - NFVIaaS Mapping IaaS and NaaS within the NFV Infrastructure The resources to be pooled between these services are the physical network, storage and compute resources. In NFV model: Compute, Hypervisor, Network domains of NFVI. In Cloud Computing model: elements supporting IaaS OR NaaS. 52AHMAD HIJAZI
- 53. Use Case 2 - VNFaaS Virtual Network Function as a Service Service Provider without virtualization of the enterprise Virtualization of the enterprise include: Virtualization of the CPE functions (vE-CPE) in the service provider cloud Virtualization of the PE functions (vPE) 53AHMAD HIJAZI
- 54. Use Case 2 - VNFaaS Virtualisation of the CPE (vE-CPE) 54AHMAD HIJAZI
- 55. Use Case 2 - VNFaaS Result of Virtualisation of the CPE (vE-CPE) 55AHMAD HIJAZI
- 57. Challenges - Management Resource Management NFV PoPs Locations o VNFs will be hosted in operator network nodes o Latency to the location of subscribers o Setup and maintenance costs of multi servers Dynamic Resource Management o Many of Cloud Platforms require a manual trigger by the user or resource owner. Management across the board Management of entire service lifecycle is still missing out All providers provide a way to perform configuration, few add performance and security management. 57AHMAD HIJAZI
- 58. Challenges - Implementation Finding common management framework • Wide range of implementation choices is difficult without a consistent management framework that covers all the options. • Replacing virtual functions in cloud and using OpenStack as Cloud software platform Optimizing commercial servers for NFV implementation • Must be network-optimized through both hardware and software (Traffic Reliability, …) • Available performance of the underlying platform needs to be clearly indicated Many NFV implementations • Developers have to commit to the new environment, which will results in multiple platforms with different requirements sets 58AHMAD HIJAZI
- 59. Challenges - Implementation Portability/Interoperability • Ability to load and execute virtual appliances in different but standardized datacenter environments, provided by different vendors for different operators. • Define a unified interface which clearly decouples the software instances from the underlying hardware Integration • Different vendors • Hypervisors from different vendors • Virtual appliances from different vendors • There must not be incurring significant integration costs 59AHMAD HIJAZI
- 60. Challenges - Security Disperation of VMs that belong to a VNF across racks and cabinets. Physical perimeters of NF becomes blurred Impossible to manually define and manage security zones Hypervisor vulnerabilities Allowing several VMs to share resources of single server Hyperjacking A virtual appliance should be as secure as a physical appliance if the infrastructure, especially the hypervisor and its configuration, is secure. 60AHMAD HIJAZI
- 61. Challenges - Security Network Function-Specific Threats Attacks on network functions and/or resources (e.g., spoofing, sniffing and denial of service). If a third party network entities are malicious, the infrastructure can be disabled or compromised by using network attacks Once compromised, the whole network will be down, since the attacker will be able to access all NFVs 61AHMAD HIJAZI
- 62. NFV OpenStack OpenStack is an open source virtualization platform Enables service providers to deploy VNFs using commercial off-the-shelf (COTS) server hardware Apps are hosted in a data center and accessed via the cloud Standardized interfaces between NFV elements and infrastructure OPNFV project has implemented OpenStack for the Virtualization Infrastructure Manager (VIM) components in the first release 62AHMAD HIJAZI
- 63. NFV with SDN SDN serve NFV by providing the programmable connectivity between VNFs, these connections can be managed by the orchestrator of the VNFs Minimize the role of the SDN controller NFV serve SDN by implementing its network functions in a software manner on a COTSs servers. It can virtualize the SDN controller to run on the cloud 63AHMAD HIJAZI
- 65. Distributed NFV Although you can technically host VNFs anywhere you have available server resources, some VNFs simply make sense to be hosted at the network edge, and often explicitly within a customer premise. There are several reasons for this: Practicality (Encryption) Resilience (IP-Based PBX) Performance (QoS) 65AHMAD HIJAZI
- 68. Companies Providing NFV Alcatel-Lucent Alcatel-Lucent has its CloudBand platform for NFV that can be used for standard IT needs as well as for CSPs who are moving mobile networks into the cloud Cisco Created the Cisco Evolved Services Platform as part of its NFV strategy that virtualizes functions across a CSPs enterprise architecture Ericsson Ericsson SSR 8000 family of Smart Services Routers, provides operators with a highly scalable, consolidated platforms. Huawei Cloud Edge is part of Huawei’s SoftCOM roadmap for introducing advances in Cloud, NFV and Software-Defined Networking (SDN) technologies into the global telecoms market over the next ten years. 68AHMAD HIJAZI
Editor's Notes
- OPEX: nafa2at ltash8eeleyye
- Consolidate: دمج Capital expenditures are the funds that a business uses to purchase major physical goods or services to expand the company's abilities to generate profits. These purchases can include hardware (such as printers or computers), vehicles to transport goods, or the purchase or construction of a new building. An operating expense results from the ongoing costs a company pays to run its basic business. In contrast to capital expenditures, operating expenses are fully tax-deductible in the year they are made. As operational expenses make up the bulk of a company's regular costs, management examines ways to lower operating expenses without causing a critical drop in quality or production output.
- Growth is estimated to rise from a $1B market in 2014 at a combined aggregate growth rate north of 60% over the next 5 years leading (in the most optimistic case) to a double-digit billion dollar overall market.
- As all of the leading service providers have large operational networks driving millions in monthly revenue, an initial NFV deployment generally focuses on greenfield applications, for new services, or applications that aren't directly involved in transmitting live data (voice/video). Some application examples include: virtual CPE, virtual EPC for machine-to-machine, network analytics, DPI and service assurance.
- This way, a given service can be decomposed into a set of Virtual Network Functions (VNFs), which could then be implemented in software running on one or more industry standard physical servers. In Figures 1 and 2, we use an example of a CPE to illustrate the economies of scale that may be achieved by NFV. Fig. 1 shows a typical (current) implementation of a CPE which is made up of the functions: Dynamic Host Configuration Protocol (DHCP), Network Address Translation (NAT), routing, Universal Plug and Play (UPnP), Firewall, Modem, radio and switching. In this example, a single service (the CPE) is made up of eight functions. These functions may have precedence requirements. For example, if the functions are part of a service chain2, it may be required to perform firewall functions before NAT. Currently, it is necessary to have these functions in a physical device located at the premises of each of the customers 1 and 2. With such an implementation, if there is a need to make changes to the CPE, say, by adding, removing or updating a function, it may be necessary for a technician from the ISP to individually talk to or go to each of the customers. It may even require a complete change of the device in case of additions. This is not only expensive (operationally) for the ISPs, but also for the customers. In Figure 2, we show a possible implementation based on NFV in which some of the functions of the CPE are transferred to a shared infrastructure at the ISP, which could also be a data center. This makes the changes described above easier since, for example, updating the DHCP for all customers would only involve changes at the ISP. In the same way, adding another function such as parental controls for all or a subset of customers can be done at once. In addition to saving on operational costs for the ISP, this potentially leads to cheaper CPEs if considered on a large scale.
- Instead of installing expensive proprietary hardware, service providers can purchase inexpensive switches, storage and servers to run virtual machines that perform network functions. This collapses multiple functions into a single physical server, reducing costs and minimizing truck rolls. If a customer wants to add a new network function, the service provider can simply spin up a new virtual machine to perform that function. For example, instead of deploying a new hardware appliance across the network to enable network encryption, encryption software can be deployed on a standardized server or switch already in the network. This virtualization of network functions reduces dependency on dedicated hardware appliances for network operators, and allows for improved scalability and customization across the entire network. Different from a virtualized network, NFV seeks to offload network functions only, rather than the entire network.
- Network Functions Virtualization will leverage modern technologies such as those developed for cloud computing. At the core of these cloud technologies are virtualization mechanisms: hardware virtualisation by means of hypervisors, as well as the usage of virtual Ethernet switches (e.g. vswitch) for connecting traffic between virtual machines and physical interfaces. OpenNaaS is an open source platform for provisioning network resources and services. OpenStack is a free and open-source software platform for cloud computing.
- SDN some piece of software (usually running on a server) decides what the network for some use case should look like - who can talk to whom, what paths should exist, attributes of handling of packets along paths, load Badani g between oaths, etc. Etc. - and this decision - a result of some algorithm - is then made reality, by programming all the nodes involved to each carry out their part of this grand plan. These nodes can be switches, virtual switches, NICs - if they are on some path that relevant packets could get to, they need to be programmed what to do. This includes programming them to respond to events, such as link or node failures. Since the Program (“Software”) DEFINES what the network will BE, you get “SDN” NFV the normal network implementation are full of “boxes” - routers, load balances, firewalls, spam filters, Network Address Translators, video encoders/converters, etc. Typically each such box comes from a different vendor, with its own HW to maintain (e.g. Each will have a different model Power supply). The NFV idea is (grossly simplified) - what if we have a price of software, running on a “standard” server that does the same exact thing to packets it sees? E.g. We can have a piece of software that simulates an F5 load balancer, or a Barracuda Spam filter, or a Palo-Alto Networks firewall etc. Then, if I need 2X the capacity, I just run two copies of this software, and if I need less, I run fewer copies, or run it on a weaker system. No need to pay for special per-vendor hardware. So, if we call the boxes “Network Functions” as an aggregate name, we get “Network Function Virtualization” with each SW-version-of-a-box called a “VNF” a Virtual NW function. Software Defined Networking operates the forwarding layer in a network. There are many sub-technologies here such as overlay/encapsulated networking, controllers, APIs and applications that replace the previous generation of forwarding technologies. Networking could be performed directly in hardware using technology like EVPN/MPLS or using overlay like VXLAN/MPLSnoGRE depending on market development over the next few years. Network Functions Virtualization is focused on network appliances that perform path control, protocol manipulation, logging/monitor/capture, content analysis, security control and similar functions. These functions are in use today as routers, firewalls, IDS/IPS, proxy caching, WAN acceleration, data centre and WAN load balancers. But also include services such as identity & authentication management (IAM) with AAA, data loss prevention, malware/virus inspection/detection, content.
- LB, Firewall, Web, all are APIs
- commercial off-the-shelf, an adjective that describes software or hardware products that are ready-made and available for sale to the general public.7 Local area network and wide area networks. In local area networks (LANs) and wide area networks (WANs), a network node is a device that performs a specific function. Each node needs to have a MAC address for each network interface card (NIC). Examples include modems with Ethernet interfaces, wireless LAN access points and computers. If a device is offline, its function as a node will be lost.
- VNFC: Virtual Network Function Component
- The Network Functions Virtualisation Management and Orchestration (NFV-MANO) architectural framework has the role to manage the NFVI and orchestrate the allocation of resources needed by the NSs and VNFs. Such coordination is necessary now because of the decoupling of the Network Functions software from the NFVI.
- Why it is important for you to know about NFV MANO, in the first place? Because, MANO acts as the heart and brain of NFV architecture and understanding it will clarify the complete NFV picture to you.
- VIM manages NFVI resources in “one domain”. (NFVI is the NFV Infrastructure that includes physical (server, storage etc.), virtual resources (Virtual Machines) and software resources (hypervisor) in an NFV environment). Note the word “one domain” here. So there may be multiple VIMs in an NFV architecture, each managing its respective NFV Infrastructure (NFVI) domain.
- VNFM is to VNFs, what VIM is to NFVI. That is, VNFM manages VNFs. (Just for review: VNF is the virtualized network element like Router VNF, Switch VNF etc.). Specifically, VNFM does the following: VNFM manages life cycle of VNFs. That is it creates, maintains and terminates VNF instances. ( Which are installed on the Virtual Machines (VMs) which the VIM creates and manages) Vi-Vnfm: - Exchanges of configuration information between reference point peers, and forwarding to the VNF Manager such information for which the VNFM has subscribed to (e.g. events, measurement results, and usage records regarding NFVI resources used by a VNF).
- Vi-Vnfm: - Exchanges of configuration information between reference point peers, and forwarding to the VNF Manager such information for which the VNFM has subscribed to (e.g. events, measurement results, and usage records regarding NFVI resources used by a VNF).
- These challenges are overcome by the following two functions of NFVO.
- Service Orchestration (2) : Example would be creating a service between the base station VNF’s of one vendor and core node VNF’s of another vendor. It does the topology management of the network services instances (also called VNF Forwarding Graphs). You may appreciate now that NFVO is like a glue in NFV that binds together different functions and creates an end to end service/ resource coordination in an otherwise dispersed NFV environment. A northbound interface is an interface that allows a particular component of a network to communicate with a higher-level component.
- NFV Orchestrator (NFVO): The NFVO is aimed at combining more than one function so as to create end-to-end services. To this end, the NFVO functionality can be divided into two broad categories: (1) resource orchestration, and (2) service orchestration. The first is used to provide services that support accessing NFVI resources in an abstracted manner independently of any VIMs, as well as governance of VNF instances sharing resources of the NFVI infrastructure. Service orchestration deals with the creation of end-to-end services by composing different VNFs, and the topology management of the network services instances. Example: Let’s say there are multiple VNFs which need to be chained to create an end to end service. One example of such case is a virtual Base station and a virtual EPC. They can be from same or different vendors. There will be a need to create an end to end service using both VNFs. This would demand a service orchestrator to talk to both VNFs and create an end to end service.
- Or-vnfm: • NFVI resources authorization/validation/reservation/release for a VNF. • NFVI resources allocation/release request for a VNF. • VNF instantiation. • VNF instance query (e.g. retrieve any run-time information). • VNF instance update (e.g. update configuration). • VNF instance scaling out/in, and up/down. • VNF instance termination. • VNF package query. • Forwarding of events, other state information about the VNF that may impact also the Network Service instance.
- Data Repositories: Data repositories are databases that keep different types of information in the NFV MANO. Four types of repositories can be considered:
- It is very important to understand the repositories (like files/lists) that hold different information in NFV MANO. There are four types of repositories
- The NS catalog is a set of pre-defined templates, which define how services may be created and deployed, as well as the functions needed for the service and their connectivity; (3) the NFVI resources repository holds information about available/allocated NFVI resources; and (4) the NFV instances repository holds information about all function and service instances throughout their lifetime. A network service is an application running at the network application layer and above, that provides data storage, manipulation, presentation, communication or other capability which is often implemented using a client-server or peer-to-peer architecture
- If you recall, VNFM does the same job. But EM can do it through proprietary interface with the VNF in contrast to VNFM. However EM needs to make sure that it exchanges information with VNFM through open reference point (Ve-Vnfm-em) The EM may be aware of virtualization and collaborate with VNFM to perform those functions that require exchange of information regarding the NFVI resources associated with VNF.
- The NFVO performs orchestration functions of NFVI resources across multiple VIMs and lifecycle management of network services. The VNFM performs orchestration and management functions of VNFs. The VIM performs orchestration and management functions of NFVI resources within a domain. The NFVO interacts with the OSS/BSS for provisioning, configuration, capacity management, and policy-based management. The VNFM interacts with the Element Manager (EM) and the VNF for provisioning, configuration, and fault and alarm management.
- NF-Vi • Allocate VM with indication of compute/storage resource. • Update VM resources allocation. • Migrate VM. • Terminate VM. • Create connection between VMs. • Configure connection between VMs. • Remove connection between VMs. • Forwarding of configuration information, failure events, measurement results, and usage records regarding NFVI (physical, software, and virtualised resources) to the VIM. MANO has multiple reference points that are shown as interconnection points between the functional blocks as shown i.e. Or-Vi, NF-Vi, Or-Vnfm etc. Why MANO calls them reference points and not interfaces? MANO does not call them interfaces because “interface” relates to allowing two way communication between entities. The reference point is an architectural concept that defines and exposes an external view of a functional block. And since MANO talks about functional blocks so it uses the word “reference point” instead.
- Commodity hardware, in an IT context, is a device or device component that is relatively inexpensive, widely available and more or less interchangeable with other hardware of its type. A commodity server is a commodity computer that is dedicated to running server programs and carrying out associated tasks. In many environments, multiple low-end servers share the workload. Commodity servers are often considered disposable and, as such, are replaced rather than repaired. #Hadoop #Storage
- OSS/BSS include collection of systems/applications that a service provider uses to operate its business. NFV is supposed to work in coordination with OSS/BSS. In principle it would be possible to extend the functionalities of existing OSS/BSS to manage VNFs and NFVI directly, but that may be a proprietary implementation of a vendor ( or at least the interfaces between EM and VNFs are not yet defined by ETSI as of now) . As NFV is an open platform, so managing NFV entities through open interfaces (As that in MANO) makes more sense. The existing OSS/BBS, however, can value add the NFV MANO by offering additional functions if they are not supported by a certain implementation of NFV MANO. This is done through an open reference point (Or-Ma-NFVO) between NFV MANO and existing OSS/BSS.
- Scenario 3: Direct Serial Bus Communication
- Some literature [i.5] also refers to a capability to offer network connectivity services as Network as a Service (NaaS), but no reference was found for a standardized definition of this term. One application for NaaS appears to be the on demand creation of network connectivity between CSPs and CSCs, though it may also refer to the on demand creation of network connectivity within data centres or between the computing nodes of a CSPs infrastructure.
- The computing nodes of the NFV Infrastructure will be located in NFVI-PoPs such as central offices, outside plant, specialized pods or embedded in other network equipment or mobile devices.
- Virtualisation of the PE functions (vPE) where the virtual network services functions and core-facing PE functions can be executed in the service provider cloud. These two steps are independent and may be deployed separately. PE routers are typically shared by a high number of customers, whereas a CPE router is used exclusively by a single customer. Thus, economies of scale that can be gained from CPE virtualisation are significantly greater compared to PE virtualisation. It is likely, therefore, that virtualisation of the CPE will take place first, providing the largest benefit for both the Enterprise users and the Service providers. Virtualisation of the PE may be done at a later stage to complete the transition to a fully Virtualised NFV solution. In some architectures, the vE-CPE and vPE may be controlled by a centralized controller following the SDN architecture principles and standards (e.g. OpenFlow).
- The vE-CPE solution enhances the enterprise network by replacing appliances with NFV compliant Virtualised solutions located at either the enterprise cloud or the operator of the NFV framework. Services provided by the vE-CPE may include a router providing QoS and other high-end services such as L7 stateful firewall, intrusion detection and prevention and more. Application accelerators are also deployed either as standalone appliances or as router integrated services.
- This figure presents the functionality re-distribution as a result of the virtualisation of the CPE. The enterprise local traffic is handled by a local L2 or L3 switch providing physical connectivity (and possibly further functionality), and the enterprise LAN is extended to the Operator NFV Network located vE-CPE. Example functionality provided by the vECPE in Figure 7 includes routing, VPN termination, QoS support, DPI, NG-FW and a WOC (WAN Optimization Controller). We contrast the case of a non-virtualised customer site served by a non-virtualised CPE, and that of a site served by a vE-CPE. The dotted purple lines indicate where this vE-CPE functionality may be located.
- Finding common management Framework In theory, NFV could be hosted on anything from dedicated physical servers to virtual servers in the cloud. But in practice, accommodating that wide a range of implementation choices is difficult without a consistent management framework that covers all the options. The answer to that problem may be in placing virtual functions in the cloud and using OpenStack as the cloud software platform. OpenStack has wide industry support, and it has a network-as-a-service framework. Optimizing commercial servers for NFV implementation The challenge is how to keep the performance degradation as small as possible by using appropriate hypervisors and modern software technologies, so that the effects on latency, throughput and processing overhead are minimized. The available performance of the underlying platform needs to be clearly indicated, so that virtual appliances know what they can get from the hardware. The authors of the white paper believe that using the right technology choice will allow virtualisation not only of network control functions but also data/user plane functions.
- Theoretically, NFV is an ideal solution for deploying new network equipment and services because network functions can be dynamically updated via software downloads and updates instead of replacing physical hardware. However, some security and robustness issues still need to be addressed to fully attain the benefits of using NFV. Due to the dispersion of VMs that belong to a VNF across racks and datacenters, and due to migration of VMs for optimization or maintenance purposes, the physical perimeters of network functions become blurred and fluid, making it practically impossible to manually define and manage security zones. Hypervisor vulnerabilities are the first security consideration a network administrator should look at when using NFV. In the NFV infrastructure, virtual network functions run on virtual machines. A hypervisor makes this possible by allowing several VMs to share resources of a single computer or server. One vulnerability is hyperjacking, which is a type of attack that allows a hacker to overtake control of a hypervisor and gain access to less secure virtual machines, and possibly to misconfigured SDN controllers and other hypervisors that are not properly secured. For example, a longtime critical flaw in the Xen hypervisor that allowed attackers to gain access to the host operating system was discovered and subsequently patched last fall.
- ETSI used openstack for deploying OPNFV
- Practicality: For example, if an enterprise is serious about security, its data must be encrypted before it leaves their building - (meaning the encryption VNF is best hosted on a server physically located within the customer premise.) Resilience: some network functions, such as IP-based PBX, must be available even when the WAN connection is down. If this network function is hosted in a distant data center and the network connection to it fails, the enterprise may not be able to make local phone calls, or even calls between cubicles in the same office! Performance: certain network functions perform better when hosted at the network edge, such as end-to-end Quality of Service (QoS) management or guaranteed Service Level Agreement (SLA) demarcation. Economics: although some VNFs can be ported into a centralized location via redundant WAN connections, this incurs additional costs that may counter the benefits of hosting the network function in a web-scale data center. Corporate Policy / Government Regulations: certain security-related network functions must be hosted within a secure customer premise due to corporate policy or local government regulation, such as encryption.
- What do Service Providers actually think about D-NFV? According to the fourth annual SDN/NFV Global Service Provider Survey directed by respected Senior Research Director and Advisor of Carrier Networks, Michael Howard from IHS Markit, Service Providers see great opportunity with hosting VNFs at the network edge. As shown below, almost 90% of respondents named the most important NFV use case for revenue generation to be Business vE-CPE (virtual Enterprise – Customer Premise Equipment), which is essentially the Distributed NFV (D-NFV) use case discussed above. This makes sense when you consider all of the above-mentioned reasons why hosting some VNFs at the network edge is often the right thing to do. Hosting certain VNFs at the network edge makes sense, but how big is the market for D-NFV services? Well, that depends on how many VNFs you include in the addressable distributed market space, since some VNFs can be hosted essentially anywhere in the end-to-end network. Internal Ciena estimates put the market size to be upwards of US$60B when network services such as managed IP/VPN, managed security, WAN optimization, SD-WAN, and SIP trunking are combined into an addressable market. No wonder Service Providers are focused on NFV-based services, as it makes good sense from an economic and practicality perspective.
- CSP: communication service provider