Software Defined Networking
and Network Functions Virtualization
The Next Big Thing in Networking
Dirk Kutscher, Fabian Schneider
NEC Laboratories Europe, NEC Europe Ltd.
Acknowledgement
This presentation is based on the work of
other researchers at NLE, namely
Hans-Jörg Kolbe, Saverio Niccolini, Felipe Huici,
Jürgen Quittek, Heiner Stüttgen and many others
Page 2 © NEC Europe Ltd. 2013
SDN
▌Allows programming the
network by separating control
and data planes
▌SDN is a whole
Eco-system:
SDN Apps
Network OS
Data paths
NFV
▌Consolidate a plethora of diverse
network elements onto COTS
servers, switches & storage
▌Complementary to SDN, but
not dependent
What are we talking about
Expectations of Telecom Operators
Source : https://www.opennetworking.org/images/stories/downloads/white-papers/wp-sdn-newnorm.pdf
Network Services
Network Device
Network Appliance + Centralize
Decouple
“Software”
Commodity HW →
CAPEX reduction,
Space, Power reduction
Automate control →
OPEX reduction
Open community →
New innovative
services by 3rd party
Standard interface →
Avoid Vendor Lock-in
OpenFlow: Full Control over Flow Routing
Back to the roots: communication between endpoints creates a flow
1. OpenFlow is based on an abstract switch model –
enabling the separation of control and data
2. OpenFlow deals with IP-flows, rather than IP packets
3. OpenFlow allows controlling flow path routing end-to-end
4. OpenFlow allows implementing services inside the network
[Figure labels: Firewall, Load balancer, Server, Switch, Controller, Application 1, Application 2, Flow 1, Flow 2, Apps, Industry Standard; callouts: (1), (2) One sided flow, (2) Capable of maintenance, (3)]
OpenStack: Cloud Management can deal with VMs
[Figure labels: NFV Orchestration; DPI, CDN, BRAS, SGSN/GGSN, CG NAT, PE Router, WAN Accelerator, Message Router]
Unfortunately NOT!
▌Good news for researchers, … still a lot to do
▌OpenFlow is only a part of SDN
Protocol has some restrictions / is bound to existing protocols
• Hard to introduce new networking paradigms (ICN, LISP, DTN, ...)
• No support for L5-7 matching (DPI, HTTP proxies, application LBs, ...)
Open app eco-system needs standardized north-bound interfaces
• Network OS needed, some efforts en route (OpenDaylight, ONF, ...)
• Requirements/Framework for SDN apps unexplored
▌NFV needs more than OpenStack
Data Plane Performance of virtualized NWEs
Orchestration, incl. Security and Privacy in virtualized NWs
Service Chaining
Framework/Execution Environment for SDN Apps
[Figure labels: SDN controller instance 1 with Southbound Interfaces and Northbound Interfaces; App 1, App 2, App 4, App 5, App 6; Same Execution Context; Local and/or remote Apps]
Questions raised in the figure:
Migrate? Clone?
Communicate? Communicate with outside? Communicate with other components?
Locate/Discover Controller
Locate/Discover NBI type
New contact after migrate?
Forward data after migrate?
How to orchestrate VM and network control
[Figure: three arrangements of Orchestration, SDN controller (network) and VM Mgmt (compute/storage)]
Need to explore pros and cons!
Complex Orchestration; Lots of info exchanged
OpenStack Model
VM Mgmt cannot use info from networking
Interfaces do not yet exist
Network service chaining
▌ Issues with service chaining:
Network-wide labels → NFs need to be label aware
→ Requires changes to the OS network stack of the NF
Input traffic ≠ output traffic @ network function (header rewriting)
→ How to identify traffic again on egress
One chain requiring multiple passes through same network element
→ How to differentiate the different stages in the chain?
How to carry various info from beginning of chain to NF in the middle?
▌Many different use cases → way different requirements:
e.g. VNFs need access to arbitrary app/user meta data
Different from packet labeling
▌Needs a systematic approach: NEC looking into this
OF/SDN can help; NSC frameworks should leverage OF/SDN
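
The header-rewriting issue above, as an added example that is not part of the original slides: a toy OpenFlow-style flow table steers a subscriber flow through a firewall and a CG NAT, first matching on the original source address at every hop, then matching on the NF's switch port on egress. All names, addresses and table contents are constructed for illustration, and the example assumes each NF is attached to its own switch port.

```python
from typing import NamedTuple, Optional

class Pkt(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

SUB = "10.0.0.5"                      # constructed subscriber address

def firewall(p: Pkt) -> Pkt:
    return p                          # transparent NF: headers unchanged

def cgnat(p: Pkt) -> Pkt:
    # Header rewriting: the egress packet no longer carries the subscriber address.
    return p._replace(src="198.51.100.1", sport=40001)

NFS = {"firewall": firewall, "cgnat": cgnat}   # NF name doubles as its switch port

# Flow tables as (match, output) pairs; a field absent from the match is a wildcard.
HEADER_ONLY = [
    ({"in_port": "subscriber", "src": SUB}, "firewall"),
    ({"in_port": "firewall", "src": SUB}, "cgnat"),
    ({"in_port": "cgnat", "src": SUB}, "uplink"),   # never matches after NAT
]
PORT_AWARE = HEADER_ONLY[:2] + [({"in_port": "cgnat"}, "uplink")]

def lookup(table, in_port: str, pkt: Pkt) -> Optional[str]:
    fields = {"in_port": in_port, **pkt._asdict()}
    for match, out in table:
        if all(fields[k] == v for k, v in match.items()):
            return out
    return None                       # table miss

def walk(table, pkt: Pkt, in_port: str = "subscriber", max_hops: int = 8):
    """Return the hops a packet takes; 'MISS' marks where the chain is lost."""
    path = []
    while len(path) < max_hops:
        out = lookup(table, in_port, pkt)
        path.append(out or "MISS")
        if out not in NFS:            # miss, or left the chain via the uplink
            break
        pkt, in_port = NFS[out](pkt), out   # NF returns traffic on its own port
    return path

PKT = Pkt(SUB, 51000, "203.0.113.9", 80)   # constructed sample packet

if __name__ == "__main__":
    print(walk(HEADER_ONLY, PKT))
    print(walk(PORT_AWARE, PKT))
```

Port-based identification only works while each NF port serves a single stage of a single chain; a chain that passes the same element more than once still needs another discriminator, which is the multi-pass issue listed above.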
SDN/NFV research in NLE
▌Enabling high-performance virtual network functions
FlashSwitch: Data plane performance of vSwitches
ClickOS: Framework for easy development of high performance VNFs
▌Moving NFs into the Cloud
vBRAS, vEPC, vCPE, vCGNAT
Mobile Cloud Networking (MCN EU project)
Reliability and Security (SECCRIT EU project)
▌SDN++
Network OS: Execution Framework for SDN applications
New limits in SDN: Flow table size and speed
ICN over SDN
▌Building network infrastructure for SDN (OFELIA EU project)
[Figure labels: subscribers (HGW), DSLAM, aggregation network, BRAS, core network (IP), EDGE ROUTER, Internet, DC, services. Protocol stacks shown: IP / PPP / PPPoE / Ethernet+VLAN / SDH/PDH (DSL) and IP / Ethernet / SDH, WDM, …]
vBRAS Example: Broadband Access Network
Broadband Access Server Functions
PPPoE/PPP sessions management
Header encapsulation/decapsulation
Interface to AAA
Traffic shaping
Access control
ARP proxy
IP Forwarding
IP addresses assignment
IGMP processing
Expensive
Monolithic architecture
Single point of failure
Hard to change
First sessions’ tunnels
termination point
One ideal target for a NFV/SDN solution!
Broadband Access Server
[Figure labels: COTS device/blade server; Optimization of virtualization; NASS Module (PPP) ×4, each with Indiv. FW & rate limit; VPN; Routing; Global Firewall; Rate Limit per Access Node; SW-defined NW Functions: PPPoE, FW, Traffic Shaper, …]
Software BRAS
ClickOS-based BRAS VNF
▌ Implemented high performance PPP termination
▌With commodity IT technology …
Memory is not an issue; System can scale:
– Memory required for 1M sessions: 1.5 GB
– Memory required for 65k sessions: <100MB
Distributing sessions to multiple VMs in one server …
• leads to same results
Session setup rates are enormous
• Rate is >>1000 PPP sessions/s.
▌Throughput – snapshot “as of today”
10Gbps forwarding @ >512bytes/packet
• More than 2M packets per second
▌Conclusion: Virtualizing BRAS functions
is feasible while delivering required
performance
All measurements made on a single PC, Intel i7, 3,2GHz, 6 cores, 4GB RAM
Summary and Outlook
▌Virtualization is entering the network arena
SDN applies the „IT server cloud“ service paradigm to networking
Network virtualization can be applied to data and control plane
▌SDN holds the promise to reduce
NW Operator's and data center operator's CAPEX allowing the
use of commodity HW through NFV
• SW based NW (re-)configuration, including scale-in/scale-out for services
(e.g. virtualized mobile core vEPC, SW-BRAS,…)
NW Operator OPEX through a better support
• Flexible, on-demand in-network node processing to support NW control
• Provides SW controlled flexibility of the NW infrastructure to support dynamic
changes in networking requirements and demand
▌Although the SDN principle seems to be agreed by the industry,
many research issues remain:
Data plane performance, Network OS, Security/Privacy,
Management/Orchestration, …
Some Related Links
▐ NEC SDN solutions
http://www.necam.com/SDN/
▐ NEC’s ProgrammableFlow Video
http://www.youtube.com/watch?v=4kno-X49QoM
… or search for “NEC OpenFlow” on YouTube
▐ OFELIA Testbed
http://www.fp7-ofelia.eu/
Check out the video and the Trema Tutorial there!
▐ NEC Labs Europe OpenFlow site
http://www.openflow.eu/
▐ NEC’s Open Source Controller Trema
http://trema.github.com/trema/
▐ ONF and ETSI NFV
https://www.opennetworking.org/
http://portal.etsi.org/portal/server.pt/community/NFV/367
Open Source Activities
▌Controllers
ICSI NOX (C, Python)
Stanford Beacon (Java)
NEC trema (C, Ruby)
BigSwitch Floodlight (Java)
NTT Ryu (Python)
…
▌Software Switches
Open vSwitch (in Linux 3.3)
Indigo (abstraction layers to
support OF on
physical/hypervisor switches)
…
OpenDaylight
Facilitate a community-led, industry-supported open source
framework, including code and architecture, to accelerate and
advance a common, robust SDN platform
NEC Laboratories Europe
(Heidelberg, Germany &
S.Ruislip, UK)
• Future Networks, SDN
• Security and Privacy
• Media Processing
• Cloud ICT
• M2M and IoT
• ITS
• Smart Energy
• Standardization
NEC Laboratories China
(Beijing, China)
• Video Surveillance
and Sensing
• Data Mining
• Cloud ICT
• Wireless Access
C&C Innovation Initiative
Knowledge Discovery Research Labs.
Cloud System Research Labs.
Information Media Processing Labs.
Smart Energy Research Labs.
Green Platform Research Labs.
(Tamagawa, Kanagawa)
• Knowledge Discovery
• ICT System
• Information and Media Processing
• Communication, Processing and
Sensor / Actuation Platforms
• Energy Management
• R&D Marketing
Smart Energy Research Labs.
(Sagamihara, Kanagawa)
• Energy Component
C&C Innovation Initiative
Information and Media Processing Labs
(Ikoma,Nara)
• User Interface
• Information and
Media Processing
NEC’s Global R&D
NEC Laboratories America (Princeton, Silicon Valley, U.S.A.)
• Media Analytics, Machine Learning
• System Mgmt and Verification
• Energy Management
• IT System Architecture
• Broadband and Mobile Networking
• Quantum IT
Smart Energy Research Labs.
Green Platform Research Labs.
(Tsukuba,Ibaraki)
• Energy Component
• Functional Material
• Low Power Device
NEC Laboratories Europe - Overview
▌~100 leading researchers from all over Europe and world-wide in
Heidelberg, and London (NEC E HQ)
▌Close links with leading European research institutes & universities
▌Collaboration with major industry in Europe, e.g.,
network operators, ICT vendors, automotive, utilities….
▌Research areas in NLE
4G/5G, Future Internet, SDN
Cloud platform, management & services
Security, Privacy & Performance
Internet of Things (M2M)
ITS and Green Telematics
Smart Energy
Standardization
NLE’s Mission
“Research & Development & Standardization & Marketing”
1. Develop key technologies and solutions for NEC’s business
Technology areas: network, security, M2M and media services, energy
and transport software technologies for the future cloud environment
addressing in particular European market trends and requirements
leveraging European strengths through open innovation projects with
customers and technology partners
2. Impact standardization to strengthen NEC’s solutions
Insert NEC technologies and (essential) IPR into evolving standards
Focus on 3GPP, IETF, BBF, IEEE 802, ONF, ETSI NFV, ...
3. Support European Sales and Marketing
Future technology demonstrators for European trade fairs
Provide consulting and trial support to customers and NEC E's CoCs
with technical expertise
NEC Group Vision 2017
To be a leading global company
leveraging the power of innovation
to realize an information society
friendly to humans and the earth