PPJ-07

Transcript

1. PPJ #7 Virtualization & Software Defined Networking http://eueung.github.io/EL5244/ Dr.-Ing. Eueung

   Mulyana | 2015H2

2. This material is mainly a derivative and remix work. Most

   of the texts and illustrations are taken from the talks/lectures given by the referenced networking professors/gurus/ninjas (Credits at the end of the Slide).

3. Intro

4. SDN Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding Packet

   Forwarding Control Control Control Control Control Global Network Map Control Plane Control Program Control Program Control Program

5. Pre-NFV Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding Packet

   Forwarding Middlebox Middlebox Middlebox Middlebox Public Internet

6. NFV Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding Middlebox

   Public Internet VM VM VM VM VM VM Packet Forwarding Packet Forwarding

7. SDN and NFV inevitable because… 1. Rise of Linux. 2.

   Rise of baremetal servers and switches. 3. NFV: Rise of virtualization. 4. SDN: Rise of merchant switching silicon.

8. Networking Middleboxes

9. A “Normal” View Physical Datalink Network Transport Application Physical Datalink

   Network Transport Application Physical Datalink Network Physical Datalink

10. A Middlebox World carrier-grade NAT load balancer DPI QoE monitor

    ad insertion BRAS session border controller transcoder WAN accelerator DDoS protection firewall IDS

11. Middleboxes & Network Evolution New Devices New Apps Evolving Threats

    Policy Constraints Performance, Security

12. Middleboxes Type of appliance Number Firewalls 166 NIDS 127 Media

    gateways 110 Load balancers 67 Proxies 66 VPN gateways 45 WAN Optimizers 44 Voice gateways 11 Total Middleboxes 636 Total routers ~900 (Sherry et al, SIGCOMM’ 12) via Erranli • Data from a large enterprise: >80K users across tens of sites • Just network security $10 billion

13. Many Boxes Survey across 57 enterprise networks (Sherry et al,

    SIGCOMM’ 12) via Erranli

14. Things to Keep in Mind • A middlebox is any

    traffic processing device except for routers and switches. • Why do we need them? – Security – Performance • They can break end-to-end semantics (e.g., load balancing) Deployments of middlebox functionalities: • Embedded in switches and routers (e.g., packet filtering) • Specialized devices with hardware support of SSL acceleration, DPI, etc. • Virtual vs. Physical Appliances • Local (i.e., in-site) vs. Remote (i.e., in-the-cloud) deployments

15. HW Middleboxes – Drawbacks • Expensive equipment/power costs • Difficult

    to add new features (vendor lock-in) • Difficult to manage • Cannot be scaled on demand (peak planning)

16. Network Function Virtualization

17. Middlebox Virtualization - NFV & VNF Virtual NF (VNF): •

    Software implementation of a network function capable of running over NFV infrastructure Advantage of NFV • Use standard COTS hardware (e.g., high volume servers, storage) – reduces CAPEX and OPEX • Fully implement functionality in software – reducing development and deployment cycle times, opening up the R&D market • Consolidate equipment types – reducing power consumption • Optionally concentrate network functions in datacenters – obtaining further economies of scale and enabling rapid scale-up and scale-down

18. Potential VNFs Potential Virtual NF • Switching elements: – Ethernet

    switch, Broadband Network Gateway, CG-NAT, router • Mobile network nodes: – HLR/HSS, MME, SGSN, GGSN/PDN-GW, RNC, NodeB, eNodeB • Residential nodes: home router and set-top box functions • Tunnelling gateway elements: IPSec/SSL VPN gateways • Traffic analysis: DPI, QoE measurement • QoS: service assurance, SLA monitoring, test and diagnostics • NGN signaling: SBCs, IMS • Converged and network-wide functions: – AAA servers, policy control, charging platforms • Application-level optimization: – CDN, cache server, load balancer, application accelerator • Security functions: firewall, virus scanner, IDS/IPS, spam protection

19. Potential VNFs

20. NFV Use Cases • NFV Infrastructure as a Service •

    VNF as a Service • Virtual Network Platform as a Service • Virtualization of CDN • Virtualization of Mobile Core Networks and IMS • Virtualization of Mobile Base Station • Fixed Access Network Function Virtualization • Virtualization of Home Environment

21. NFV Use Case – Example Virtualization of Evolved Packet Core

    (cellular core networks)

22. NFV Use Case – Example VNF Relocation

23. NFV High Level Architecture Virtualized Network Functions (VNFs) NFV Infrastructure

    (NFVI) Physical Infrastructure Virtual Infrastructure Compute Storage Network Virtual Computing Virtual Storage Virtual Networking NFV Management and Orchestration (MANO) VNF VNF VNF VNF NFV Scope OSS / BSS: (operation/Busi ness Support) Service End-Points (End-users, Other Services) Other Networks

24. ETSI NFV Reference Architecture Computing Hardware Storage Hardware Network Hardware

    Hardware resources Virtualisation Layer Virtualised Infrastructure Manager(s) VNF Manager(s) VNF 2 Orchestrator OSS/BSS NFVI VNF 3 VNF 1 Execution reference points Main NFV reference points Other reference points Virtual Computing Virtual Storage Virtual Network NFV Management and Orchestration EMS 2 EMS 3 EMS 1 Service and Infrastructure Requirements Or-Vi Or-Vnfm Vnfm-Vi Os-Ma Se-Or Ve-Vnfm Nf-Vi Vn-Nf Vi-Ha

25. Implementation of Reference Architecture Computing Hardware Storage Hardware Network Hardware

    Hardware resources Virtualisation Layer Virtualised Infrastructure Manager(s) VNF Manager(s) VNF 2 Orchestrator OSS/BSS NFVI VNF 3 VNF 1 Execution reference points Main NFV reference points Other reference points Virtual Computing Virtual Storage Virtual Network NFV Management and Orchestration EMS 2 EMS 3 EMS 1 Service and Infrastructure Requirements Or-Vi Or-Vnfm Vnfm-Vi Os-Ma Se-Or Ve-Vnfm Nf-Vi Vn-Nf Vi-Ha ODL OpenStack RedHat vPE DPDK Intel NetApps Mellanox KVM ESXi OVS Modular L2/3

26. Credit • Scott Shenker, The Future of Networking and the

    Past of Protocols • Nick McKeown, Stanford University, Many Talks/Articles • Jennifer Rexford, COS 597E, Princeton University • Mike Freedman, COS 461, Princeton University • Nick Feamster, https://www.coursera.org/course/sdn • Li Erran Li, COMS 6998-10, Univ. of Columbia • Marco Cello, SDN Talk @ CNR, Univ. Genova • Guido Appenzeller, Network Virtualization in Multi- tenant Datacenters, VMware