PPJ-07

PPJ #7 Virtualization & Software Defined Networking http://eueung.github.io/EL5244/ Dr.-Ing. Eueung
Mulyana | 2015H2

This material is mainly a derivative and remix work. Most
of the texts and illustrations are taken from the talks/lectures given by the referenced networking professors/gurus/ninjas (Credits at the end of the Slide).

SDN Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding Packet
Forwarding Control Control Control Control Control Global Network Map Control Plane Control Program Control Program Control Program

Pre-NFV Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding Packet
Forwarding Middlebox Middlebox Middlebox Middlebox Public Internet

NFV Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding Middlebox
Public Internet VM VM VM VM VM VM Packet Forwarding Packet Forwarding

SDN and NFV inevitable because… 1. Rise of Linux. 2.
Rise of baremetal servers and switches. 3. NFV: Rise of virtualization. 4. SDN: Rise of merchant switching silicon.

Networking Middleboxes

A “Normal” View Physical Datalink Network Transport Application Physical Datalink
Network Transport Application Physical Datalink Network Physical Datalink

A Middlebox World carrier-grade NAT load balancer DPI QoE monitor
ad insertion BRAS session border controller transcoder WAN accelerator DDoS protection firewall IDS

Middleboxes & Network Evolution New Devices New Apps Evolving Threats
Policy Constraints Performance, Security

Middleboxes Type of appliance Number Firewalls 166 NIDS 127 Media
gateways 110 Load balancers 67 Proxies 66 VPN gateways 45 WAN Optimizers 44 Voice gateways 11 Total Middleboxes 636 Total routers ~900 (Sherry et al, SIGCOMM’ 12) via Erranli • Data from a large enterprise: >80K users across tens of sites • Just network security $10 billion

Many Boxes Survey across 57 enterprise networks (Sherry et al,
SIGCOMM’ 12) via Erranli

Things to Keep in Mind • A middlebox is any
traffic processing device except for routers and switches. • Why do we need them? – Security – Performance • They can break end-to-end semantics (e.g., load balancing) Deployments of middlebox functionalities: • Embedded in switches and routers (e.g., packet filtering) • Specialized devices with hardware support of SSL acceleration, DPI, etc. • Virtual vs. Physical Appliances • Local (i.e., in-site) vs. Remote (i.e., in-the-cloud) deployments

HW Middleboxes – Drawbacks • Expensive equipment/power costs • Difficult
to add new features (vendor lock-in) • Difficult to manage • Cannot be scaled on demand (peak planning)

Network Function Virtualization

Middlebox Virtualization - NFV & VNF Virtual NF (VNF): •
Software implementation of a network function capable of running over NFV infrastructure Advantage of NFV • Use standard COTS hardware (e.g., high volume servers, storage) – reduces CAPEX and OPEX • Fully implement functionality in software – reducing development and deployment cycle times, opening up the R&D market • Consolidate equipment types – reducing power consumption • Optionally concentrate network functions in datacenters – obtaining further economies of scale and enabling rapid scale-up and scale-down

Potential VNFs Potential Virtual NF • Switching elements: – Ethernet
switch, Broadband Network Gateway, CG-NAT, router • Mobile network nodes: – HLR/HSS, MME, SGSN, GGSN/PDN-GW, RNC, NodeB, eNodeB • Residential nodes: home router and set-top box functions • Tunnelling gateway elements: IPSec/SSL VPN gateways • Traffic analysis: DPI, QoE measurement • QoS: service assurance, SLA monitoring, test and diagnostics • NGN signaling: SBCs, IMS • Converged and network-wide functions: – AAA servers, policy control, charging platforms • Application-level optimization: – CDN, cache server, load balancer, application accelerator • Security functions: firewall, virus scanner, IDS/IPS, spam protection

Potential VNFs

NFV Use Cases • NFV Infrastructure as a Service •
VNF as a Service • Virtual Network Platform as a Service • Virtualization of CDN • Virtualization of Mobile Core Networks and IMS • Virtualization of Mobile Base Station • Fixed Access Network Function Virtualization • Virtualization of Home Environment

NFV Use Case – Example Virtualization of Evolved Packet Core
(cellular core networks)

NFV Use Case – Example VNF Relocation

NFV High Level Architecture Virtualized Network Functions (VNFs) NFV Infrastructure
(NFVI) Physical Infrastructure Virtual Infrastructure Compute Storage Network Virtual Computing Virtual Storage Virtual Networking NFV Management and Orchestration (MANO) VNF VNF VNF VNF NFV Scope OSS / BSS: (operation/Busi ness Support) Service End-Points (End-users, Other Services) Other Networks

ETSI NFV Reference Architecture Computing Hardware Storage Hardware Network Hardware
Hardware resources Virtualisation Layer Virtualised Infrastructure Manager(s) VNF Manager(s) VNF 2 Orchestrator OSS/BSS NFVI VNF 3 VNF 1 Execution reference points Main NFV reference points Other reference points Virtual Computing Virtual Storage Virtual Network NFV Management and Orchestration EMS 2 EMS 3 EMS 1 Service and Infrastructure Requirements Or-Vi Or-Vnfm Vnfm-Vi Os-Ma Se-Or Ve-Vnfm Nf-Vi Vn-Nf Vi-Ha

Implementation of Reference Architecture Computing Hardware Storage Hardware Network Hardware
Hardware resources Virtualisation Layer Virtualised Infrastructure Manager(s) VNF Manager(s) VNF 2 Orchestrator OSS/BSS NFVI VNF 3 VNF 1 Execution reference points Main NFV reference points Other reference points Virtual Computing Virtual Storage Virtual Network NFV Management and Orchestration EMS 2 EMS 3 EMS 1 Service and Infrastructure Requirements Or-Vi Or-Vnfm Vnfm-Vi Os-Ma Se-Or Ve-Vnfm Nf-Vi Vn-Nf Vi-Ha ODL OpenStack RedHat vPE DPDK Intel NetApps Mellanox KVM ESXi OVS Modular L2/3

Credit • Scott Shenker, The Future of Networking and the
Past of Protocols • Nick McKeown, Stanford University, Many Talks/Articles • Jennifer Rexford, COS 597E, Princeton University • Mike Freedman, COS 461, Princeton University • Nick Feamster, https://www.coursera.org/course/sdn • Li Erran Li, COMS 6998-10, Univ. of Columbia • Marco Cello, SDN Talk @ CNR, Univ. Genova • Guido Appenzeller, Network Virtualization in Multi- tenant Datacenters, VMware

PPJ-07

PPJ-07

Eueung Mulyana

More Decks by Eueung Mulyana

Other Decks in Education

Featured

Transcript

PPJ #7 Virtualization & Software Defined Networking http://eueung.github.io/EL5244/ Dr.-Ing. Eueung

This material is mainly a derivative and remix work. Most

Intro

SDN Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding Packet

Pre-NFV Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding Packet

NFV Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding Middlebox

SDN and NFV inevitable because… 1. Rise of Linux. 2.

Networking Middleboxes

A “Normal” View Physical Datalink Network Transport Application Physical Datalink

A Middlebox World carrier-grade NAT load balancer DPI QoE monitor

Middleboxes & Network Evolution New Devices New Apps Evolving Threats

Middleboxes Type of appliance Number Firewalls 166 NIDS 127 Media

Many Boxes Survey across 57 enterprise networks (Sherry et al,

Things to Keep in Mind • A middlebox is any

HW Middleboxes – Drawbacks • Expensive equipment/power costs • Difficult

Network Function Virtualization

Middlebox Virtualization - NFV & VNF Virtual NF (VNF): •

Potential VNFs Potential Virtual NF • Switching elements: – Ethernet

Potential VNFs

NFV Use Cases • NFV Infrastructure as a Service •

NFV Use Case – Example Virtualization of Evolved Packet Core

NFV Use Case – Example VNF Relocation

NFV High Level Architecture Virtualized Network Functions (VNFs) NFV Infrastructure

ETSI NFV Reference Architecture Computing Hardware Storage Hardware Network Hardware

Implementation of Reference Architecture Computing Hardware Storage Hardware Network Hardware

Credit • Scott Shenker, The Future of Networking and the