what is network function virtualisation (nfv)?
TRANSCRIPT
WHAT IS NETWORK FUNCTION VIRTUALISATION (NFV)?
V1.1 22.3.2016 Karri Huhtanen
Network Function Virtualisation (NFV)
In computer science, network function virtualisation (NFV) is a network architecture concept which uses the technologies of IT virtualisation. It is used to virtualise entire classes of network node functions into building blocks that may connect, or chain together, to create communication services.
-- https://en.wikipedia.org/wiki/Network_function_virtualization
Virtualised Network Function (VNF)
NFV relies upon, but differs from, traditional server-virtualisation techniques, such as those used in enterprise IT. A virtualised network function, or VNF, may consist of one or more virtual machines running different software and processes. They are run on top of standard high-volume servers, switches and storage, or even cloud computing infrastructure, instead of having custom hardware appliances for each network function.
-- https://en.wikipedia.org/wiki/Network_function_virtualization
BroadbandCustomers
Mobile Network
Customers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
Traditional Model
Internet router
routerrouter
router
firewall
firewallfirewall
server
server
server
server
server
server
BroadbandCustomers
access gateway
router router
router
router router
firewall firewall
DHCPDNS
BroadbandCustomers
Mobile Network
Customers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
Centralised Services
Internet router
routerrouter
router
firewall
firewallfirewall
server
server
server
server
server
server
BroadbandCustomers
access gateway
router router
router
router router
firewall firewall
DHCPDNS
BroadbandCustomers
Mobile Network
Customers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
Geographically distributed Point-of-Presences (PoPs)
Internet router
routerrouter
router
firewall
firewallfirewall
server
server
server
server
server
server
BroadbandCustomers
access gateway
router router
router
router router
firewall firewall
DHCPDNS
BroadbandCustomers
Mobile Network
Customers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
Geographically distributed dedicated hardware devices
Internet router
routerrouter
router
firewall
firewallfirewall
server
server
server
server
server
server
BroadbandCustomers
access gateway
router router
router
router router
firewall firewall
DHCPDNS
BroadbandCustomers
Mobile Network
Customers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
Static model
Internet router
routerrouter
router
firewall
firewallfirewall
server
server
server
server
server
server
BroadbandCustomers
access gateway
router router
router
router router
firewall firewall
DHCPDNS
● Each device and server has its own fixed function and capacity.
● Adding more functions or capacity requires more devices, which is very slow.
BroadbandCustomers
Mobile Network
Customers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
If something breaks or overloads...
Internet router
routerrouter
router
firewall
firewallfirewall
server
server
server
server
server
server
BroadbandCustomers
access gateway
router router
router
router router
firewall firewall
DHCPDNS
● Adding replacements or capacity is hard and slow. ● Devices and servers can only fill their fixed function
or role.● Changes can only be reactive and done manually.
DDOS attack
Electricity brown- / blackout
DHCP serveroverload
SMS/MMSServer overload
New Game of Thrones Season Free-For-All
Firewall software upgrade failed
Traditional ways to cope with problems
● Allocating spare capacity, i.e. more capacity than is needed
● Adding redundancy, spare hardware units, i.e. more hardware than is needed
● Segmenting service areas and cells smaller => potential problems affect less customers
● Creating manual controls, e.g. firewall filters when DDoS is active
● Change control, proactive planning
The brave new world of Network Function Virtualisation
NFV
BroadbandCustomers
Mobile Network
Customers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
Instead of this …
Internet router
routerrouter
router
firewall
firewallfirewall
server
server
server
server
server
server
BroadbandCustomers
access gateway
router router
router
router router
firewall firewall
DHCPDNS
BroadbandCustomers Mobile
NetworkCustomers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
NFV offers something like this…
Internet
BroadbandCustomers
firewall firewall
router routerspare
firewall firewall
router routersparespare
capacity ac. gw ac. gw
router router dhcp
dns
cachecache
sparecapacity sms mms
router router dhcp
dns
firewallfirewall
firewall firewall
router routerspare
firewall firewall
router routerspare
serverservercache
BroadbandCustomers Mobile
NetworkCustomers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
Virtualised Network Functions / devices
Internet
BroadbandCustomers
● Virtualised network functions run on virtual hosts on top of the virtualisation infrastructure in data centers or PoPs
● Virtual infrastructure can extend across PoPs
firewall firewall
router routerspare
firewall firewall
router routersparespare
capacity ac. gw ac. gw
router router dhcp
dns
cachecache
sparecapacity sms mms
router router dhcp
dns
firewallfirewall
router
firewall firewall
router routerspare
serverservercache
firewall firewall
router routerspare
BroadbandCustomers Mobile
NetworkCustomers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
Functions/services/capacity shared across regions or customer groups
Internet
BroadbandCustomers
firewall firewall
router routerspare
firewall firewall
router routersparespare
capacity ac. gw ac. gw
router router dhcp
dns
cachecache
sparecapacity sms mms
router router dhcp
dns
firewallfirewall
firewall firewall
router routerspare
firewall firewall
router routerspare
serverservercache
BroadbandCustomers Mobile
NetworkCustomers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
Extra capacity available freely
Internet
BroadbandCustomers
● Any spare capacity can be allocated for any VNF● Roles and functions are dynamic, not fixed● Actual hardware capacity can be utilised more
efficiently across regions and customers
firewall firewall
router routerspare
firewall firewall
router routersparespare
capacity ac. gw ac. gw
router router dhcp
dns
cachecache
sparecapacity sms mms
router router dhcp
dns
firewallfirewall
firewall firewall
router routerspare
firewall firewall
router routerspare
serverservercache
BroadbandCustomers Mobile
NetworkCustomers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
Capacity is general- purpose capacity
Internet
BroadbandCustomers
firewall firewall
router router cache
cache firewall firewall
router router firewall
firewallac. gw ac. gw
router router cache
dns
cachecachecachecache
router
ac. gw
sms mms
router router dhcp
dns
firewallfirewallmmsspare
router
sms firewall firewall
router router spare
firewall
firewall firewall
router router server
cache
serverservercache
● Capacity can be allocated automatically● Roles and functions can be changed according
current needs or detected anomalies● Reconfiguration/scaling can be done automatically
Broadband Customer and Mobile Network PoPs prepare for prime time in streaming by repurposing capacity to streaming caches and regional routing and access capacity.
Enterprise customer fights DDoS with additional firewall capacity
Operator prepares for peak in SMS/MMS messages Content Service
Provider adds more capacity and caching for prime time
Prime time traffic requires more firewall capacity
But wait, there’s even more…
BroadbandCustomers Mobile
NetworkCustomers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
This is called Network Function Virtualisation Infrastructure (NFVI)…
Internet
BroadbandCustomers
firewall firewall
router routerspare
firewall firewall
router routersparespare
capacity ac. gw ac. gw
router router dhcp
dns
cachecache
sparecapacity sms mms
router router dhcp
dns
firewallfirewall
firewall firewall
router routerspare
firewall firewall
router routerspare
serverservercache
BroadbandCustomers Mobile
NetworkCustomers
EnterpriseCustomer
Operator Core Network
Content Provider Services
OperatorServices
Each of the small boxes can be a Virtualised Network Function (VNF) …
Internet
BroadbandCustomers
firewall firewall
router routerspare
firewall firewall
router routersparespare
capacity ac. gw ac. gw
router router dhcp
dns
cachecache
sparecapacity sms mms
router router dhcp
dns
firewallfirewall
firewall firewall
router routerspare
firewall firewall
router routerspare
serverservercache
Each of the VNFs can consist of multiple components (VNFC) …
FIREWALL VNF
Load balancer
Load balancer
PacketFilter
PacketFilter
PacketFilter
PacketFilter
Stateful Firewall
Stateful Firewall
Stateful Firewall
Stateful Firewall
Policy and Rule Database
Policy and Rule Database
VNFC VNFCVNFCVNFC
autoscaling
● Each Virtualised Network Function Component (VNFC) may consist of several virtual hosts, which automatically scale up and down when needed.
● VNFs and VNFCs can both provide e.g. REST or netconf interfaces for management, monitoring and integration purposes.
Idea is that VNFCs and VNFs can be re-used…
ENTERPRISE SITE VNF
FIREWALL VNF AUTHENTICATIONAUTHORISATION
ACCOUNTINGVNF
ROUTER VNF
VPN VNF STORAGE VNFCLOUD BACKUP VNF
● … as building blocks of new VNFs and services.
● They are supposed to have web services like REST APIs => web developers are supposed to be able to build operator customer self-service portals
● Standardised interfaces should mean better vendor interoperability => avoiding vendor lock-ins
ETSI NFV Architecture and Interfaces
NFVI
OSS/BSS
EM1 EM2
VNF3VNF1 VNF2
EM3
Virtual Computing
Virtual Storage
Virtual Network
Computing Hardware
Storage Hardware
Network Hardware
VirtualisationLayer
Vn-Nf
VI-Ha
NFV Management and Orchestration
NFV Orchestrator
VNF Manager(s)
Virtualised Infrastructure Manager(s)
VNF Manager(s)VNF Manager
(s)
Os-Ma
Ve-Vnfm
Nf-Vi
Or-Vnfm
Vi-Vnfm
Service, VNF and Infrastructure Description
Or-Vi
According to ETSI GS NFV-SWA 001 V1.1.1 (2014-12): Network Functions Virtualisation (NFV); Virtual Network Functions Architecture
NFVI
OSS/BSS
EM1 EM2
VNF3VNF1 VNF2
EM3
Virtual Computing
Virtual Storage
Virtual Network
Computing Hardware
Storage Hardware
Network Hardware
VirtualisationLayer
Vn-Nf
VI-Ha
NFV Management and Orchestration
NFV Orchestrator
VNF Manager(s)
Virtualised Infrastructure Manager(s)
VNF Manager(s)VNF Manager
(s)
Os-Ma
Ve-Vnfm
Nf-Vi
Or-Vnfm
Vi-Vnfm
Service, VNF and Infrastructure Description
Or-Vi
Operations Support System (OSS),Billing Support System (BSS)
Element Management (EM)
MANO
VNFM
VIM
NFVI
OSS/BSS
EM1 EM2
VNF3VNF1 VNF2
EM3
Virtual Computing
Virtual Storage
Virtual Network
Computing Hardware
Storage Hardware
Network Hardware
VirtualisationLayer
Vn-Nf
VI-Ha
NFV Management and Orchestration
NFV Orchestrator
VNF Manager(s)
Virtualised Infrastructure Manager(s)
VNF Manager(s)VNF Manager
(s)
Os-Ma
Ve-Vnfm
Nf-Vi
Or-Vnfm
Vi-Vnfm
Service, VNF and Infrastructure Description
Or-Vi
Main NFV reference points
NFVI
OSS/BSS
EM1 EM2
VNF3VNF1 VNF2
EM3
Virtual Computing
Virtual Storage
Virtual Network
Computing Hardware
Storage Hardware
Network Hardware
VirtualisationLayer
Vn-Nf
VI-Ha
NFV Management and Orchestration
NFV Orchestrator
VNF Manager(s)
Virtualised Infrastructure Manager(s)
VNF Manager(s)VNF Manager
(s)
Os-Ma
Ve-Vnfm
Nf-Vi
Or-Vnfm
Vi-Vnfm
Service, VNF and Infrastructure Description
Or-Vi
Execution reference points
NFVI
OSS/BSS
EM1 EM2
VNF3VNF1 VNF2
EM3
Virtual Computing
Virtual Storage
Virtual Network
Computing Hardware
Storage Hardware
Network Hardware
VirtualisationLayer
Vn-Nf
VI-Ha
NFV Management and Orchestration
NFV Orchestrator
VNF Manager(s)
Virtualised Infrastructure Manager(s)
VNF Manager(s)VNF Manager
(s)
Os-Ma
Ve-Vnfm
Nf-Vi
Or-Vnfm
Vi-Vnfm
Service, VNF and Infrastructure Description
Or-Vi
Other reference points
NFVI
OSS/BSS
EM1 EM2
VNF3VNF1 VNF2
EM3
Virtual Computing
Virtual Storage
Virtual Network
Computing Hardware
Storage Hardware
Network Hardware
VirtualisationLayer
Vn-Nf
VI-Ha
NFV Management and Orchestration
NFV Orchestrator
VNF Manager(s)
Virtualised Infrastructure Manager(s)
VNF Manager(s)VNF Manager
(s)
Os-Ma
Ve-Vnfm
Nf-Vi
Or-Vnfm
Vi-Vnfm
Service, VNF and Infrastructure Description
Or-Vi
OpenStack HEATOverture
OpenManoNokia
EricssonHP ...
Overture, vendor own
VNFMsOpenStackVMWare
WindRiverCanonicalRed HatUbuntuSuseHP...
NokiaEricssonJuniperCisco
HPRadiator
...
Implementations
VNF architecture
Virtualised Network Function (VNF)
Virtualised Network Function Infrastructure (VNFI)
Element Management (EM)
Virtualised Network Function Manager
(VNFM)
Virtualised Network Function
Component (VNFC)
Virtualised Network Function
Component (VNFC)
Vn-NfSWA-5
Vn-NfSWA-5
SWA-4
SWA-3Ve-Vnfm-vnf
SWA-1 SWA-2
According to ETSI GS NFV-SWA 001 V1.1.1 (2014-12): Network Functions Virtualisation (NFV); Virtual Network Functions Architecture
VNF definition by ETSI
“A Virtualised Network Function (VNF) is a Network Function capable of running on an NFV Infrastructure (NFVI) and being orchestrated by a NFV Orchestrator (NFVO) and VNF Manager. It has well-defined interfaces to other NFs via SWA1, the VNF Manager, its EM, and the NFVI and a well-defined functional behaviour.”
ETSI GS NFV-SWA 001 V1.1.1 (2014-12): Network Functions Virtualisation (NFV); Virtual Network Functions Architecture
Summary● The objective in NFV is to build an automated standard-based cloud infrastructure for
creating communication services.● ETSI is leading the NFV standardisation.● Operators are also doing partial reference implementations such as Telefonica’s
OpenMano for management and orchestration.● Many vendors and operators are participating into OPNFV work, which aims to build a
full reference stack for operator NFV.● Current favourite for Virtualised Network Function Infrastructure (VNFI) is OpenStack,
which provides also basic management and orchestration (MANO) components such as Heat.
● Some parts and objectives of the NFV concept may feel utopian, but work is constantly being done to fill the gaps.
● NFV infrastructure and VNFs are already being deployed for customers even if those components do not yet have all the features NFV concept promises.