© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

Network Functions Virtualization November 22, 2013

Mike Anastasakis Systems Engineer

mike.anastasakis@scalar.ca

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

INTRODUCTION TO NFV

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

}  Over two-thirds of x86 server workloads are virtualized today, according to Gartner

}  Virtualization driven by increased demand for: –  Rapid Service Deployment –  Elastic Computing Requirements –  Requirement for lower deployment costs

}  Some of these same demands exist in networking which is why Network Functions Virtualization (NFV) is quickly becoming a hot trend

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

}  Virtualizing network functions such as: –  Stateful Firewalls –  Routers –  Application Delivery Controllers / Load

Balancers –  VPN Devices

}  Running these functions on virtualized x86 servers instead of expensive, dedicated ASIC based appliances

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

}  A group was formed under the ETSI (European Telecommunications Standards Institute) called “Network Functions Virtualization”

}  Published a white-paper in October of 2012 calling for virtualization of network functions

}  Members such as: AT&T, BT, China Mobile, DT, NTT, Orange, Telecom Italia, Telefonica, Telstra, Verizon

}  http://portal.etsi.org/NFV/NFV_White_Paper.pdf

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

}  Rapid Service Deployment –  Ability to template and image NFV devices –  Deployment is as easy as copying an image and

spinning up a new VM –  Integration with Orchestration Stack

}  Elasticity –  Ideal for situations where temporary but large

scale increases in traffic and services exist

}  Lower Deployment Costs –  No additional hardware to purchase, as long as

resources exist in virtual environment

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

}  Brocade / Vyatta vRouter –  Stateful Firewall –  Dynamic Routing – OSPF, BGP, RIP –  Policy Based Routing –  IPSec, SSL VPN Support

}  Brocade Virtual ADX Application Delivery Switch –  Intelligent Server Load Balancing –  Powerful ADX OpenScript Community –  Layer 4 to 7 Service Delivery

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

Brocade Vyatta vRouter

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

}  Virtual router, runs on bare metal or any hypervisor that supports a Linux/Debian guest

}  Support for VMware, Xen/XenServer, Red Hat KVM, Hyper-V

}  Available for download as an OVF/OVA template, Xen XVA, KVM Image, and Live CD ISO image

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

IPv4 / IPv6 Routing

Firewall

VPN

High Availability

}  BGP }  OSPF }  RIPv2 }  Multicast

}  Stateful Inspection }  Zone Based }  IPv6 Capable }  Stateful Failover

}  OpenVPN SSL }  IPSec }  Layer 2 GRE }  PPTP, L2TP

}  Stateful Failover }  HA Clustering }  Config Replication }  VRRP

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

}  Available as an open source since 2006

}  Vyatta Subscription Edition introduced with premium features: web gui, config sync, Restful API access

}  Based on standard Linux, Quagga packages, OpenVPN

}  Brocade Acquires Vyatta in April 2012

}  VSE becomes: Brocade Vyatta vRouter 5400

}  Brocade Vyatta vRouter 5600 series introduced in 2013: PCI Passthrough, SR-IOV, vPLANE contributing to 10G capability

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

Brocade Virtual ADX

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

}  Distributed Management and Application Cores, independent of Linux Kernel –  Adding virtual CPU, Memory will allow increased

performance

}  Automated Service Provisioning –  Can easily be copied and moved closer to

application workloads

}  Intelligent Load Balancing –  Choose from multiple metrics for optimal load

balancing –  Server Connections, Response Time, SNMP weight

(ex. CPU, Memory, etc.)

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

}  Deep Packet Inspection - Layer 3 - 7

}  Easily support multi-tenancy

}  LBaaS – Load Balancer as a Service

}  OpenScript –  Allows perl scripts to be compiled into byte

code for fast processing –  Read/Write Layer 3-7 headers on the fly

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

NFV USE CASES

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

Brocade Vyatta vRouter

vR1 – Stateful FWBrocade

Vyatta vRoutervR2 – Stateful FW

172.16.22.0/24

172.16.23.0/24

Brocade Virtual ADX

172.16.22.11172.16.22.10

Linux Web Server 1

Linux Web Server 2

172.16.23.200 172.16.23.201

172.16.23.10172.16.23.11OSPF Area 0

BGP AS 65535

Cluster VIP172.16.22.12

BrocadeVyatta vRouter

vR3 – Internet Router / VPN / IPv6

172.16.22.14

Internet

Internal WEB VIP172.16.23.203

External NATWEB VIP

172.16.22.12:8080

fc00:22::14/64

eth0 eth0

eth0

eth1

eth1

eth1 172.16.78.194/24

Cluster VIP172.16.23.12

© 2013 Scalar Decisions Inc. Not for distribution outside of intended audience

THANK YOU.