Re-Architecting Telco Networks – The NFVI Way
Communication service providers (CSPs) and Data networks face numerous challenges today. With broadband and mobile data traffic having grown at an exorbitant rate in the past decade, and real time content/video taking the largest market share*, consumers’ appetite for wireless content and mobile data is pushing CSP networks to a crisis point. At the same time, the gap between bandwidth demand and revenues is widening – and competition from over-the-top (OTT) services is growing.
The latest Global Internet Phenomenon report* released by Sandvine (a leading DPI vendor) each year, video and streaming takes about 58% of the download internet traffic stream. As a result, CSPs are having to rethink and re-architect their networks as to how they can bring agility and capability in their networks for faster onboarding and service delivery on demand basis. Starting with the design and dimensioning of their network infrastructure, the concept of SDN (software defined networks) and NFV (network function virtualization) is becoming a defacto design adoption as it provides the capability to onboard any type of core telco service on a standardized infrastructure on COTS (common off the shelf) hardware and not to create silos and verticals for each service, providing a faster time-to-market, and coping with the demands of every day increasing requirements for bandwidth and real time content services. However, to create a robust infrastructure capable of onboarding multi vendor VNFs (virtual network functions), there are certain guidelines which the CSPs must follow to architect the NFV Infrastructure (NFVI) according to industry guidelines, keeping the advantages of vendor agnostic design for faster service delivery and TTM (time to market), and while keeping the TCO and ROI in control. The following article lists some of the challenges and guidelines for service providers to keep in mind while adopting their NFVI journey and transformation roadmap.
For many CSPs, network functions virtualization (NFV) and software-defined networking (SDN) are keys to a new network architecture.
Enabling delivery of higher levels of automation and faster, more agile services, these technologies result in new revenue streams for service providers as well as reducing CapEx and OpEx. According to a recent IHS Market report, almost 100% of SPs say that they will deploy NFV at some point to cater the data burst and wider agility – and many have already committed significant resources to virtualize their networks.
This new virtualized infrastructure is based on open standards for SDN and NFV. By virtualizing network functions, NFV allows network functions to be placed anywhere in the infrastructure and be moved as necessary. By separating control plane and data plane functions, SDN allows individual packet flows to be routed through the appropriate service layers as needed.
Service assurance solutions that are virtualized can also weave themselves into this architecture at both the NFV and SDN functionality layer. Such software-based solutions have the potential to provide more cost effective visibility, proactive monitoring, and service triage.
With respect to 5G, NFV will help virtualize multiple appliances in the network. Specifically, NFV will enable 5G network slicing, allowing various virtual networks to run on top of a single, physical infrastructure. Moreover, 5G NFV will allow a physical network to be divided into various virtual networks capable of supporting multiple radio access networks (RANs). NFV can also address barriers to 5G by optimizing resource provisioning of the virtual network functions (VNFs) for price and energy, scale VNFs and ensure VNFs consistently operate properly.
As an emerging technology in the network industry, NFV brings several challenges to network operators, such as the guarantee of network performance for virtual appliances, their dynamic installation and migration, and their efficient placements etc. These challenges to implement the network functions virtualization need to be addressed before implementing the same.
Interoperability and Compatibility
The key requirement and issue for NFV is to design standard interfaces between not only a range of virtual appliances but also between the virtualized implementations and the legacy equipment. One of the goals of NFV is to promote openness; therefore, network carriers may need to integrate and operate servers, hypervisors and virtual appliances from different vendors in a multi-tenant NFV environment. Their seamless integration requires a unified interface to facilitate the interoperability among them. The developed NFV solutions need to be compatible with existing Operation and Business Support Systems (OSS/BSS), and Element and Network Management Systems (EMS/NMS), and work in a hybrid environment with both physical and virtual network functions. In the long run, network operators must be able to migrate smoothly from proprietary physical appliances to open standard based virtual ones, since they may not be able to keep updated all their existing services and equipment in proprietary physical network appliance-based solutions.
Performance Optimization and Benchmarking
Since the network functions virtualization approach is based on using industry standard hardware (i.e. open x86 hardware, etc.) along with a virtualized networks & appliances, a decrease in performance may arise if not benchmarked properly. The challenge is how to keep the performance degradation as small as possible by using appropriate hypervisors and modern software technologies, so that the adverse effects on latency and throughput are minimized. The available performance of the underlying platform needs to be clearly identified and understood, so that virtual appliances know what they can get from the hardware. Using the right technology choice will allow virtualization — not only of network control functions but also of user and data plane functions.
Migration From Legacy to Next-gen Agile Infrastructure
Implementations of network functions virtualization (NFV) must co-exist with network operators’ legacy network equipment and be compatible with their existing Element Management Systems, Network Management Systems, OSS and BSS, and potentially existing IT orchestration systems, if network functions virtualization orchestration and IT orchestration are to converge. The network functions virtualization architecture must support a migration path from today’s proprietary physical network appliance-based solutions to more open standards based virtual network appliance solutions. In other words, network functions virtualization must work in a hybrid network composed of classical physical network appliances and virtual network appliances. Therefore, virtual appliances must use and support existing North Bound Interfaces (for management & control) and interwork with physical appliances implementing the same functions.
In 2012, seven of the world’s leading telecoms network operators initiated ETSI (European Telecommunications Standards Institute) Industry Specification Group (ISG) for NFV. These have been quickly joined by over 300 companies including network operators, telecoms equipment vendors, IT vendors and technology providers. ETSI has created the NFV ISG to define the requirements and architecture for the virtualization of network functions and to address their technical challenges. As a first step, the group published a joint-operator white paper in October 2012, which highlighted the current challenges faced by the operators and how the networks should be redesigned keeping in view these challenges, while standardizing the common infrastructure for telecom services.
Technical Challenges and expectations from NFVI:
- Ensuring that virtualized network platforms will be simpler to operate than what exists today
- Achieving high performance virtualized network functions which are portable among different hardware vendors, and different virtualization support systems
- Achieving co-existence with legacy hardware-based network platforms while enabling an efficient migration path to fully virtualized network platforms
- Management and orchestration of virtual network functions (particularly alongside legacy management systems) while ensuring security from attack and misconfiguration
- Maintaining network stability and service levels without degradation during appliance load and relocation ensuring the appropriate level of resilience to hardware and software failures
- Enabling the creation of virtual network appliances which will run, ideally without recompilation, on any hypervisor and hardware configuration, and integrate “on the fly” into the network operators’ existing management and orchestration systems
- Analyzing requirements for future technical specifications and standards in relevant standardization organization and groups to be identified or created at ETSI and other adhoc standards development organizations
- Minimizing energy consumption
As a result of standardization, the ETSI has come up with a recommended NFVI architecture which has formed the basis of a carrier grade NFVI framework.
The network function virtualization (NFV) architecture has been defined by the ETSI NFV ISG and comprises three principal elements: the NFV Infrastructure (NFVI), Virtualized Network Functions (VNFs) and the NFV Management and Orchestration (MANO) functions.
- The NFV Infrastructure (NFVI) consists of physical networking, computing and storage resources that can be geographically distributed and exposed as a common networking/NFV infrastructure. It is the combination of both hardware and software resources which build up the environment in which VNFs are deployed, managed and executed. The NFVI can span across several locations, i.e., places where NFVI PoPs are operated. The network providing connectivity between these locations is regarded to be part of the NFVI.
- Virtualized Network Functions (VNFs) are software implementations or virtualization of network functions (NFs) that are deployed on virtual resources such as VMs. Virtualized network functions are responsible for handling specific network functions that run in one or more virtual machines on top of the hardware networking infrastructure, which can include routers, switches, servers, cloud computing systems and more. Individual virtualized network functions can be chained or combined together in a building block-style fashion to deliver full-scale networking communication services.
- NFV Management and Orchestration (NFV MANO) functions provide the necessary tools for operating the virtualized infrastructure, managing the life cycle of the VNFs and orchestrating virtual infrastructure and network functions to compose value-added end-to-end network services. NFV MANO focuses on all virtualization specific management task necessary in the NFV framework.
Virtualization provides the opportunity for a flexible software design. Existing networking services are supported by diverse network functions that are connected in a static way. NFV enables additional dynamic schemes to create and manage network functions. Its key concept is the VNF forwarding graph which simplifies the service chain provisioning by quickly and inexpensively creating, modifying and removing Virtualized Network Functions service chains. On one hand, we can compose several VNFs together to reduce management complexity, for instance, by merging the serving gateway (SGW) and packet data network gateway (PGW) of a 4G core network into a single box. On the other hand, we can decompose a VNF into smaller functional blocks for reusability and faster response time. However, we note that the actual carrier-grade deployment of VNF instances should be transparent to end-to-end services.
Compared with the current practice, NFV introduces the following three major differences:
- Separation of software from hardware: this separation enables the software to evolve independently from the hardware, and vice versa
- Flexible deployment of network functions: NFV can automatically deploy network-function software on a pool of hardware resources which may run different functions at different times in different data centers
- Dynamic service provisioning: network operators can scale the NFV performance dynamically and on a grow-as-you-need basis with fine granularity control based on the current network conditions
Network function virtualization (NFV) architectural framework has four major functional blocks. 1) the orchestrator, 2) VNF manager, 3) virtualization layer and 4) virtualized infrastructure manager.
The orchestrator is responsible for the management and orchestration of software resources and the virtualized hardware infrastructure to realize networking services.
The VNF manager is in charge of the instantiation, scaling, termination and update events during the lifecycle of a VNF and supports zero-touch automation.
The virtualization layer abstracts the physical resources and anchors the VNFs to the virtualized infrastructure. It ensures that the VNF lifecycle is independent of the underlying hardware platforms by offering standardized interfaces. This type of functionality is typically provided in the forms of VMs and their hypervisors.
The virtualized infrastructure manager is used to virtualize and manage the configurable compute, network and storage resources and control their interaction with VNFs. It allocates VMs onto hypervisors and manages their network connectivity. It also analyzes the root cause of performance issues and collects information about infrastructure fault and for capacity planning and optimization.
From the study of the above architecture, two major enablers of NFV are:
- industry-standard servers and hardware
- technologies developed for cloud computing
A common feature of industry-standard servers is that their high volume makes it easy to find interchangeable components inside them with a competitive price, compared with network appliances based on bespoke Application Specific Integrated Circuits (ASICs). Using these general-purpose servers can also reduce the number of different hardware architectures in operators’ networks and prolong the lifecycle of hardware when technologies evolve (e.g., running different software versions on the same platform). Recent developments of cloud computing, such as various hypervisors, orchestration layer and vSwitch, also make NFV achievable in reality. For example, the cloud management and orchestration schemes enable the automatic instantiation and migration of VMs running specific network services. NFV is closely related to other emerging technologies, such as SDN. SDN is a networking technology that decouples the control plane from the underlying data plane and consolidates the control functions into a logically centralized controller. NFV and SDN are mutually beneficial, highly complementary to each other, and share the same feature of promoting innovation, creativity, openness and competitiveness. These two solutions can be combined to create greater value. For example, SDN can support NFV to enhance its performance, facilitate its operation and simplify the compatibility with legacy deployments.
Network functions virtualization presents an opportunity, through the flexibility afforded by software network appliances operating in an open and standardized infrastructure, to rapidly align management and orchestration with North Bound Interfaces to well-defined standards and abstract specifications. This will greatly reduce the cost and time to integrate new virtual appliances into a network operator’s operating environment. Software Defined Networking (SDN) further extends this to streamlining the integration of packet and optical switches into the system e.g., a virtual appliance or network functions virtualization orchestration system may control the forwarding behaviors of physical switches using SDN.
Security & Resilience
When deploying virtualized network functions, operators need to ensure that the security features of their network will not be adversely affected. NFV may bring in new security concerns along with its benefits. Initial expectations are that network functions virtualization improves network resilience and availability by allowing network functions to be recreated on demand after a failure. A virtual appliance should be as secure as a physical appliance if the infrastructure, especially the hypervisor and its configuration, is secure. Network operators will be seeking tools to control and verify hypervisor configurations. They will also require security certified hypervisors and virtual appliances.
Reliability and Stability
Reliability is an important requirement for network operators when offering specific services (e.g., voice call and video on demand), no matter through physical or virtual network appliances. CSPs and telcos need to guarantee that service reliability and service level agreement are not adversely affected when evolving to NFV. To meet the reliability requirement, NFV needs to build the resilience into software when moving to error-prone hardware platforms. All these operations create new points of failure that should be handled automatically. In addition, ensuring service stability poses another challenge to NFV, especially when reconfiguring or relocating a large number of software-based virtual appliances from different vendors and running on different hypervisors. Network operators should be able to move VNF components from one hardware platform onto a different platform while still satisfying the service continuity requirement. They also need to specify the values of several key performance indicators to achieve service stability and continuity, including maximum non-intentional packet loss rate and call/session drop rate, maximum per-flow delay and latency variation, and maximum time to detect and recover from failures.
It needs to be ensured that virtualized network platforms will be simpler to operate than those that exist today. A significant and topical focus for network operators is therefore, on simplification of the plethora of complex network platforms and support systems which have evolved over decades of network technology evolution, while maintaining continuity to support important revenue generating services. It is important to avoid trading one set of operational headaches for a different but equally intractable set of operational headaches.
Fields of Application and Use Cases
Network Functions Virtualization is applicable to any data plane packet processing and control plane function in mobile and fixed networks. Potential examples include:
|Switching elements||Border Gateways, Routers, CG-NAT|
|Mobile network nodes||EPC, HLR/HSS, Radio Network Controllers, GGSN, SGSN etc.|
|Customer premise equipment||Home routers, CPEs, Set top boxes|
|Tunneling gateways||IPSec/SSL Gateways, VPN Concentrators|
|Traffic analysis||DPI, URL Filtering solutions, QOE solutions, etc.|
|Assurance||Service level assurance, Monitoring, Testing & Diagnostics|
|Control Plane/Access Functions||AAA, Policy and charging solutions|
|Application Optimization||Caching, Streaming applications, CDNs, etc.|
|Security||Firewalls, IDS/IPS. etc.|
|Signaling||Session border controllers, IMS, etc.|
Being the fastest growing sector, the telecommunication industry is facing increased competition as new players are entering with emerging technologies. There is, thus, a need for existing players to invest in and adopt new technologies such as Software Defined Networking/Network Function Virtualization, cloud, and analytics, which can enable them to help telecom operators increase service agility and efficiencies. Communication Service Providers and vendors are investing a lot of resources going in that direction, and for good reason. It is clear that many opportunities will be created during the development and market implementation of such emerging technologies. Network Function Virtualization offers a great business potential, in terms of cost savings and additional revenue sources for operators, new opportunities for solution providers and, most importantly, in opening new business models and innovation opportunities.
NFV will create business model challenges, specifically how the leading network equipment providers charge for their products. Currently, the majority of the $100 billion-plus market for telecom equipment is sold as integrated systems with applications running on proprietary high-availability middleware and optimized hardware platforms. Migrating to an applications software model will be highly disruptive to existing revenue streams and profit margins. NFV offers significant potential to change the way that service providers architecture future networks, including increased flexibility and lower costs. Driving widespread adoption of NFV over the next few years will require significant cooperation and partnership by the leading service providers and their IT/equipment suppliers. To provide network functionality, a virtual function can be instantiated on-demand wherever it is needed in the network, rather than only at those points where the dedicated device is located. This decoupling of function and location means new possibilities for:
- Network Service providers to share infrastructure and services on demand to optimize their resource usage or cost structure, and to cope with traffic peaks by offloading some traffic to partner resources
- Network operators to provide elastic services that are practically impossible to address with current infrastructures, covering new market niches, expanding their service and charging options, and enabling a new breed of application services that rely on them, and
- Over the top (OTT) provider to compete in quality-of-experience offers with established providers at reasonable costs by means of agreements with network service providers for specialized services
Network Functions Virtualization (NFV) has the potential to advance significant change in the way telecom networks are built and operated. Led by major communications service providers, NFV provides a standards-based approach to virtualizing a range of telecom applications, thus enabling them to run on industry standard servers. Advances in Telecom/IT technology, including more powerful processors (e.g., Intel x86, Cavium), faster switching fabrics (e.g., 40GB, 100Gb), and advances in network software (e.g., SDN) have brought a wealth of network functions in the scope of commercial off-the-shelf (COTS) equipment. NFV proponents are looking to virtualize a wide range of network elements, including:
- Mobile and fixed core networks
- Deep packet inspection (DPI)
- Session border controllers (SBC)
- Security appliances (firewalls, IDS/IPS, SSL VPNs)
- Server load balancers
- WAN acceleration
On the technology front, there remain several challenges to widespread NFV adoption, including:
- Delivering standards-based, highly scalable COTS servers and high-availability middleware that meet the performance, reliability and availability requirements of the service providers
- Implementing NFV elements which interoperate not only with each other, but also with network elements in the installed (legacy) networks; this includes links to existing telecom OSS/BSS systems
- Automation of the management and orchestration features of NFV applications
- Ensuring that security of the network is not compromised by the introduction of NFV technologies
VNF integration into the underlying NFVI framework is a complex and evolving domain, with many high-level architectural options and a lack of standards at lower levels. From a CSP perspective, priorities will be to ensure that the system optimizes the use of the infrastructure through orchestration, that it remains open so it can accommodate other VNFs and infrastructure vendors, and enable business agility. To gain a high level of control and system openness, a CSP could decide to undertake the integration of third party software onto their NFV Infrastructure (NFVI) platform and management systems themselves. However, they may not have appropriate skills readily available, and they may seek to outsource this activity to a suitable equipment vendor or systems integrator.
CSPs should choose the underlying infrastructure vendor/SI who can help by:
- Integrating VNF products into the NFVI, managing the life cycle for software versions, and handling software instance licensing
- Interfacing and providing right and certified architecture with existing NEP vendor/vendors
- Integrating assurance tools to facilitate VNF instance commissioning and fault localization
- Implementing NFV deployment business policies by adopting the reference architecture
- Integrating the NFV domain with existing OSS/FCAPS (Fault, Configuration, Accounting, Performance, Security systems), and
- Evolving the NFV domain to cloud native, and interfacing with existing IT cloud management systems
Having gained an initial level of vendor independence, the CSP also needs to ensure that future business flexibility is not compromised by the actions of the chosen integrator. That could be achieved by using a third party to audit the openness of the integrated system against explicit requirements for portability, or to act as a second source of integration services for applying competitive pressure.
There is a rich ecosystem of organizations that can help with systems integration, including:
- Global IT consultants
- Specialist NFV integrators
- OSS vendors
- Network Equipment Providers, and
- VNF vendors
NFVI DESIGN APPROACHES
There are multiple approaches exist when choosing the right vendor/technology for NFVI transformation. These approaches are referred as vertical and Horizontal designs.
- Vertical Architecture: In this approach the VNF vendor proposes their own NFVI architecture and provide end-to-end solution which is vertically designed to suit the specific vendor’s VNFs only.
- Horizontal Architecture: In the approach, the service provider defines the blue print for the infrastructure where the virtual services will reside and provides great flexibility, control and optimization when choosing the best VNF vendor for current and future services requirements.
ECO-System for Certified VNFs from Respective NFVI Vendor
The CSPs should look for the NFV infrastructure and vendor which is agnostic to the VNF/network services layer and have the industry alliances with leading vendors to choose best of the breed services for their future roadmap, and not dependent on any one vendor in this space.
Network functions virtualization is likely to deliver many benefits for network operators and their partners and customers while offering the opportunity to create new types of eco-systems which may encourage and support rapid innovation with reduced cost and reduced risk. To reap these benefits, the technical challenges, as described above need to be addressed by the industry. To arrive at possible solutions to these technical challenges, the IT and Telecom Network industries may have to combine their complementary expertise and resources in a joint collaborative effort to reach broad agreement on standardized approaches and common architectures which may address these technical challenges and provide tested and interoperable solutions for delivery of end to end virtualized services with economies of scale. NFV need to be part of the broader transformation effort and may require service providers to make significant changes and progressive efforts. To make NFV fully operational, there is a need of coordination of three interlinked but separate development paths: virtualization, orchestration, and automation. NFV is considered to be a disruptive technology. Specially, it is expected to change the way current networks are being built, operated & managed. The multivendor management and orchestration objective of NFV need to be streamlined towards smooth migration.
Service providers should keep the following recommendations and guidelines in view while selecting the virtualization roadmap for core network services:
- The reference architecture must follow the industry guidelines outlined by ETSI
- The NFVI architecture should be defined as a blueprint by service providers to define the roadmap for multi-vendor VNF
- The defined architecture must be future-proof and should be capable of handling multi-vendor services
- Horizontal architecture is recommended in service providers covering fixed/broadband keeping the agility requirements in mind
- The selected vendor for NFVI must provide certified architectures with leading VNF service providers
- The selected NFVI must be capable of running over multi-vendor underlying hardware to avoid vertical vendor-lock-in
- Day-2 operations are key for a successful NFVI deployment; CSPs must keep in view the availability and selection of solutions providing FCAPS tools for operations management thus providing a greater control over CAPEX/OPEX
- Human resource enablement and on-ramp roadmap should be aligned with the selected technology for smooth operations
The introduction of network function virtualization is a core structural change in the telecommunication infrastructure marketplace. NFV will bring cost efficiencies, time-to-market improvements, new business models & services, and increased innovation to telecommunication industry infrastructure and applications. This blog presents an overview of the emerging network functions virtualization technology, illustrates its architectural framework, summarizes several use cases and benefits of network function virtualization as well as the challenges involved in its wide spread adoption.
With adoption of NFV in production networks in large carriers globally, the wider telecom industry needs to consider leveraging this opportunity and follow the migration path to NFV and start reaping the benefits. Apart from the opportunities, the telecommunication industry may have to take into consideration several technical challenges that might hinder its progress. Network operators, vendors, telecommunication academicians need to be aware of these challenges and explore new approaches to overcome them. Each player in the industry may need to position or reposition itself in the new ‘network function virtualization’ market. As an emerging technology, NFV may bring several challenges to network operators, such as the guarantee of network performance for virtual appliances, their dynamic instantiation and migration, and their efficient placement.
Therefore, the challenge for network operators may be focused on how to migrate their operations and skill base to software-based networking environment while carefully re-targeting investment to maximize reuse of existing system and processes. It may take some investment of time, resources, education and operational transformation, but it may be the most efficient strategy going forward to keep pace with the rapid growth of the telecommunication networks of tomorrow.
Faez Itrat is working as a Sr. Systems Engineer at VMware and serves as CTO Ambassador. Faez holds extensive experience of designing and architecting solutions for Fixed/mobile telecom and enterprise networks. He works closely with large scale customers and eco-system partners and consult on designing software defined networks and cloud solutions as part of systems engineering team.