© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Szabó Gábor
Consulting Engineer, Cisco Magyarország Kft.
February 27-28, 2014

• Introduction to NFV
• Cisco strategy around NFV
• Standardization effort around NFV
• Where NFV applies, where it does not
• NFV components
• NFV use cases

[Figure: network functions shown as VMs: NAT, Firewall, SBC, dDOS, Virus Scan, IPS, DPI, CGN, Portal, PCRF, DNS, DHCP, BRAS, SDN Ctrl., RaaS, WLC, WAAS, CDN, Caching, NMS]
NfV = Transition of network infrastructure services to run on virtualised compute platforms
• Enablers
Hypervisor and cloud computing technology
Improving x86 h/w performance
Optimised packet processing and coding techniques
Network industry standardising on Ethernet
SDN based orchestration
• Value Proposition
Shorter innovation cycle
Improved service agility
Reduction in CAPEX and OPEX
• ETSI based standardization

Use case #1: New service required
Today: 1. Buy hardware 2. Install image 3. Install hardware in DC 4. Connect to network 5. Configure and commission service
With NfV: 1. Requests service 2. Service is dynamically deployed in DC
Use case #2: Increase service capacity
Today: 1. Identify capacity threshold reached 2. Buy hardware 3. Install image 4. Install hardware in DC 5. Connect to network 6. Configure and commission service
With NfV: 1. Service dynamically scales to adjust to demand

• A hybrid network environment consisting of custom NFs and Virtualized NFs
High capacity plumbing and gateways → NFs on custom solutions
Management and services → VNFs
• Supplementing existing hardware solutions with virtualized solutions
• Infrastructure: From data center to edge / different form factors
• Multi-hypervisor strategy for NFV → KVM preferred but others required
• Modular and abstracted orchestration utilizing OpenStack and OpenDaylight
• Participate in standards associated with NFV
Concentrated on protocol development to date
Upping our NFV ISG activity
• Lab infrastructure for developing customer driven solutions
Cisco is fully behind NFV and has multiple NFV related projects underway

[Figure: map of service provider network functions across access (wireless: LTE, WiFi, small cell, 2G/3G RNC; wireline: xDSL, HFC, FTTx PON), metro network, backbone network and data center (DC network, SP data center, enterprise data center), grouped into gateways, user plane, subsystems and network control, OSS/BSS/NMS/EMS, and service provider services (voice/IMS, video, data)]

[Figure: CPU requirements (low to high) plotted against throughput (10 Mbps to 1 Pbps) for Home CPE, Business CPE, Appliances (L4-L7), Wireless GWs, Wireline GWs, Backbone/Metro/DC switching, and OSS/BSS, subsystem and N/W control; hardware architectures labelled: CPU; Centralized: CPU or SoC; Centralized: CPU + NPU; Variable CPU / FPGA / NPU; Distributed: Lots CPUs + NPUs; Distributed: CPUs + Lots of NPUs]

Evaluating the applicability of virtualization
Many network functions are suitable for virtualization but not all. Each functional component of the network needs to be evaluated
• Physical Design Requirements
interface count, interface size, system design requirements, specialist N/W functions
• Performance Requirements
L1-L3 packet performance, CPU processing, fabric capacity
• Network Architecture
Will virtualization fit the network architecture principles
• Elasticity of the service
• Economics
Onboarding, CapEx and OpEx

Strengths
• High CPU processing functions
• Low-medium packet processing
• Low physical interface counts (<20)
• Low-medium interface speeds
• Ethernet interfaces (copper 10/1000/10Gbps)
• Fast evolving functionality
• Elasticity
Weaknesses
• High packet processing
• Specialized SP design and h/w functionality
• High physical interface counts (>20s)
• High interface speeds (>40G)
• Diverse interface types
Strengths
• High packet performance / bandwidth
• Low performance drop-off with features
• Power efficiency (Gb/W)
• High speed interfaces / interface counts / interface diversity
• Custom design to meet a requirement
• Mature functionality
Weaknesses
• Longer development cycles
• Closed s/w and h/w designs
• Solution flexibility / reuse
• Elasticity

The Architectural Components
• Real: High capacity plumbing and high performance gateways
• Virtualized: CPU intensive functions, low to mid range packet processing functions
• Interaction required between the real and virtual network functions via orchestration
• All use cases → Compute + VNFs + DC virtualization + Orchestration
Redirection use cases → Re-direction + Policy Server + WAN Overlay
[Figure: architectural components across Customer Premises, PoP, Wide Area Network and Data Centre: Virtualised Network Functions (VNFs); Orchestration (NFVO); Policy Server; Classification + Redirection Function; Compute + Virtualization Technology (NFVI) + Service Chaining; Network Overlays]

Placement
[Figure: placement of virtualised services + service chaining along CPE, IP edge, NGN, distributed DC (standalone or on-box) and centralised DC; examples shown: VSM running in an ASR9000, ISR G2 Cloud Connector (UCS), UCS directly connected to ASR9000, UCS with virtual switching and appliances]

[Figure: Bare Metal and Virtual Machine compute stacks]
• NFV Group looking for maximum flexibility
• Compute Technology
Hypervisor and Virtual Machines preferred
Bare metal acceptable – needed for performance reasons
• NIC Mapping
Major bottleneck for packet performance
Pass-through and SR-IOV
• SPs want to use KVM for NFV applications

Data Centre Virtualization
[Figure: virtualized compute and DC overlay on an L2 or L3 fabric, connected to the NGN, L3 VPN and Internet; front-end zones and back-end zones (Public Zone (DMZ), Protected FE, Zone 1, Zone 2, Zone 3, Sub-Zones W, X, Y, Z); virtual appliances shown: VSG, NS1000v, ASA1000v, VPN, CSR1000v]

Service Chain Definition
• Steer traffic through one or more service entities
• Critical for non routed data plane services
• Important for control plane services
• Physically/logically directed or carried in packet metadata
[Figure: a re-direction function in front of the Internet steers traffic into service chains (Default Service, Service 1, Service 2) built from NAT, DPI, Video opt, DNS and DNS LB; simple service chains contrasted with complex services and service chains]

Service Chain Technology
• Service ordering determined by n/w structure
• Virtual Packet Edge (vPE) solution
• Service ordering by info in user packet
Service Path information determines Service Chaining
• 5 drafts submitted by Cisco at Berlin IETF
• BoF session run at the Berlin meeting
[Figure: vForwarders and vSwitches under an External Controller with numbered hops 1 to 7; a Service Redirection function towards the Internet with a packet made up of HDR, NSH and Original Frame]

Virtual Network Overlays
Virtualised Data Centre
VXLAN (Virtual Extensible LAN)
Ethernet in IP overlay network
Include 24 bit VXLAN Identifier
16 M logical networks
Technology submitted to IETF
VXLAN encapsulation: Outer MAC DA | Outer MAC SA | Outer 802.1Q | Outer IP DA | Outer IP SA | Outer UDP | VXLAN ID (24 bits) | Original Ethernet Frame (Inner MAC DA | Inner MAC SA | Optional Inner 802.1Q | Original Ethernet Payload) | CRC
Virtualised WAN
IP/MPLS
L2 and L3 Virtualised WAN
L2 VPN options: E-line, E-LAN, E-Tree
L3/L3VPN options: MPLS L3VPN/Vrf Lite, Global IP
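As an added example (not part of the original slides), the following Python parser decodes the VXLAN encapsulation listed above, which is what a defender needs in order to confirm which logical network (VXLAN ID) an overlay frame belongs to. The 8-byte header layout, the "I" flag and UDP port 4789 are taken from RFC 7348 and are not on the slide; the sample packet is constructed.

```python
import struct

VXLAN_UDP_PORT = 4789      # assumption: IANA port from RFC 7348, not on the slide
FLAG_VNI_VALID = 0x08      # "I" flag in the first header byte (RFC 7348)
ETHERTYPE_8021Q = 0x8100


class VxlanError(ValueError):
    """Raised when a UDP payload is not a well-formed VXLAN packet."""


def build_vxlan(vni: int, inner_frame: bytes) -> bytes:
    """Prepend the 8-byte VXLAN header to an inner Ethernet frame."""
    if not 0 <= vni < 1 << 24:
        raise VxlanError("VNI must fit in 24 bits")
    # Word 0: flags (8 bits) + reserved (24). Word 1: VNI (24) + reserved (8).
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8) + inner_frame


def parse_vxlan(udp_payload: bytes) -> dict:
    """Decode the VXLAN header and the start of the inner Ethernet frame."""
    if len(udp_payload) < 8 + 14:
        raise VxlanError("payload too short for VXLAN header + inner Ethernet")
    word0, word1 = struct.unpack("!II", udp_payload[:8])
    if not (word0 >> 24) & FLAG_VNI_VALID:
        raise VxlanError("I flag clear: VNI field is not valid")
    inner = udp_payload[8:]
    ethertype = struct.unpack("!H", inner[12:14])[0]
    vlan = None
    if ethertype == ETHERTYPE_8021Q:      # optional inner 802.1Q tag
        if len(inner) < 18:
            raise VxlanError("truncated inner 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", inner[14:18])
        vlan = tci & 0x0FFF               # low 12 bits carry the VLAN ID
    return {
        "vni": word1 >> 8,
        "inner_dst": inner[0:6].hex(":"),
        "inner_src": inner[6:12].hex(":"),
        "inner_vlan": vlan,
        "inner_ethertype": ethertype,
    }


# Constructed sample: inner frame with an 802.1Q tag (VLAN 100) carrying IPv4.
SAMPLE_INNER = (bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
                + struct.pack("!HHH", ETHERTYPE_8021Q, 100, 0x0800) + b"\x00" * 20)
SAMPLE_PACKET = build_vxlan(5000, SAMPLE_INNER)

if __name__ == "__main__":
    print(parse_vxlan(SAMPLE_PACKET))
```

The 24-bit identifier gives 2^24 = 16,777,216 segments, which is the "16 M logical networks" figure on the slide.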

Virtual Network Functions (VNFs)
[Figure: catalogue of Cisco virtual network functions grouped as User Plane Appliances, Routing / Switching / Gateways, Control Plane components, Network Control, Simulation and Test, and OSS/BSS and SP Applications; platforms named include CSR1000v, ASA + VSG, Ironport, vNAM, NS1000v, Nexus 1000v, vSCE, vWaaS, STAR-OS, IOS-XR, vIOS, VPP, VIRL, Quantum Policy Suite, Quantum WAN Orchestration and the Prime suite]

• From monolithic …
Monolithic Orchestration Solution
• to open, layered, abstracted and distributed – divide and conquer …
Domain specific controllers provide device abstraction
[Figure (animated): Cross Domain Orchestration: services reach a Cross-domain Orchestrator through a Service API; the orchestrator uses a Domain abstracted API towards the Compute, Storage and Network Domain Controllers; each domain controller reaches its devices through a Device API]

NfV Orchestration
[Figure: components shown: Cisco Cloud Service Management (Portal / UI / API, Catalog, Workflow); Orchestration; Service Orchestration; Service Control; VM/Storage Control; Network Control; Service Assurance; Resource Management; Infrastructure OSS; Physical Network; Compute / Storage; Virtual Network; Virtual Services; Apps]

Cloud Service Orchestration
[Figure: components shown: Orchestration (Portal / UI / API, Catalog, Workflow); VM/Storage Control; Network Control; Network Service Control (Service Creation, Service Monitoring, Service Config); IP Control; DC Network Controller; WAN Controller; …]
1. Request received
2. Catalog item
3. Defines workflow
4. Workflow calls Service Creation to set up service VMs
5. Service Creation calls to OpenStack to set up VMs
6. OpenStack sets up VMs
7. Workflow calls to Service Config function to set up services
8. Service Config configures services
9. Workflow calls DC network controller
10. DC network controller configures overlay network
11. Service monitoring tracks availability and performance of service
12. Service Creation manages service elasticity and high availability
[Figure labels: Infrastructure: Physical Network, Virtual Network, Compute, Storage, Virtual Services; numbered callouts 1 to 12]

• Virtualized SP and third party applications / appliances
• Virtualized gateways (PE, P-GW, BNG/BRAS)
• Virtual Managed Services
• Virtualized mobile solutions
• Virtualized video solutions, Virtual Home CPE – Not covered today

Virtualized SP / 3rd Party applications / subsystems
[Figure: CPE, IP edge, NGN, Centralised DC with Orchestration, and the Internet; functions shown: Streamer, DHCP, DNS, Content Ingestion, IMS]
• NFV transition well underway
Custom / Specialized h/w → Commercial off the Shelf (COTS) → Today: Virtualized solutions
• Examples: OSS/BSS, IMS, network control, video/collaboration, wireless/wifi, security application
• Onboarding can be an issue due to age and complexity of some OSS/BSS systems

Virtualized Edge Gateways
[Figure: Customer Premise CPE, IP edge, NGN, Centralised DC with Orchestration and Policy Server, and the Internet; vBNG instances shown]
• vPE, vBNG/BRAS, vS/PGW, vCMTS
• Wide range of gateway architectures deployed
Regionalized: High subscriber / high capacity dedicated devices
Distributed: Gateway functionality integrated into metro infrastructure
• Cisco is complementing existing h/w gateway solutions with virtualized solutions
Pure virtualized solution based on CSR1000v
Splitting the subscriber control plane function from the data plane function

[Figure: branch office services across Branch Office, Metro + WAN and Data Centre, in four panels: Today: service appliances in the branch and DC; Virtualised services on the router; Virtualised router and services; Branch services in the DC, with an L2 CPE in the branch office]
• Physical Appliances are complex to design because of mismatched capacities, diverse resiliency strategies, incompatible networking
• Re-configuration (adding capacity or adding an appliance) is also difficult
• No agility because the service chains are “hard-wired” to the APN and there is no programmability; reconfiguration requires manual operations
Virtual Services Infrastructure - example: GiLAN Today
[Figure: user types (IMS User, Video Only, Android User, Enterprise) connect through Access and the GGSN/PGW to APNs, each followed by physical appliances: DPI, Firewall, Web Proxy, FW, VO, A-SBC, Address Translation]

Virtual Service Infrastructure - example: Virtualized GiLAN concept
• Simple reconfiguration of service chains via SDN and virtualization tools
→ better vertical scaling
→ horizontal scaling (adjusting capacity)
• Simplified cost model based on subscriber count + base cost of commodity hardware
• Better solutions for fault tolerance and high availability based on hypervisor tools
Service chains in the virtualized environment are “perfectly balanced”
[Figure: Cloud Orchestration and Management above Access, GGSN/PGW and ASR 9000, with virtualized service functions: Web Proxy, NAT, DPI, FW, VO, A-SBC]

• The backdrop to NFV and all network evolution is the increasing amount of network traffic
• Cisco is fully behind NFV and has multiple efforts underway: VNFs, NFVIs and orchestration
• NFV: some functions are obvious / a large spectrum depends on the SP and their architecture
• A hybrid network environment consisting of a blend of custom NFs and Virtualized NFs (VNFs)
• Outlined some of the use cases Cisco is working on