Network Functions Virtualization (NFV)
Santanu Dasgupta
Distinguished Engineer – Service Provider Network Architecture
BOF Meeting @ APNIC 40
September, 2015
Cisco Confidential © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Introduction to Network Functions Virtualization
Disaggregation of Network Functions from the underlying Hardware
How? Why? What?
•  Hypervisor & cloud technology
•  Improving x86 h/w performance
•  SDN based orchestration
•  Speed and Agility
•  Monetization with new services
•  Reduced total cost of ownership
•  Performance Requirements
•  Physical Design Requirements
•  Economics of on-boarding
[Figure: existing hardware / appliance based Network Functions (NFs), shown as a stack of Apps (e.g. Routing), Operating System and Hardware (ASIC/NPU/GPU), beside Network Functions running inside VMs on an x86 server platform (Virtual Network Functions), shown as a stack of Virtual Network Functions, Cloud Operating System and Hardware (x86 Server). Example VNF VMs: NAT, Firewall, SBC, dDOS, Virus Scan, IPS, DPI, CGN, Portal, PCRF, DNS, DHCP, BRAS, SDN Control, RaaS, WLC, WAAS, CDN, Caching, NMS. Remaining label: "Depends On".]
Determining Potential Virtualization Targets
1. Interface Needs – Type and Density
2. Control Plane Performance Requirements
3. Data Plane Performance & Feature Requirements
4. Economics of On-boarding if Virtualized
5. Development, Ease of Integration, Elasticity Needs
6. Power Efficiency Requirements of the System
Virtualization Appeal for Various Network Functions
[Figure: map of service provider network functions, from access (LTE, 2G/3G, xDSL, WiFi, Ethernet, cable) through gateways / service edge, metro and core network infrastructure and the data center, to IMS, the video network, services, subsystems and control, and OSS/BSS. Each region is marked "High Appeal", "Depends" or "Less Or No Appeal" for virtualization.]
The SP NFV Landscape and Major Use Cases
•  Top of mind for most / all Service Providers
•  Lot of expectations –
    •  Agility with end-to-end automation and cloud centric service delivery models
    •  Faster time to market for new services
    •  Architecture transformation
    •  Increased use of generic hardware and open source software
    •  Higher openness and standardization
    •  CAPEX & OPEX reduction
•  Overall, the state of technology and deployment is still in early stages
•  Major areas of focus
    •  Cloud Centric Managed Services (Managed CPE, Security, VPN, Value Added Services…)
    •  Virtualized Mobile Packet Core and Virtualized Gi-LAN
    •  SP Infrastructure NFV (Virtual BRAS/BNG, Virtual RR, Virtual DNS, Virtual PE…)
•  Do you guys have any other major use case that is important to you?
NFV Use Cases
vMS, vCPE, SP Mobility and Service Chaining Are the Major Ones
[Chart categories: CAPEX Reduction, Gain in Ops. Efficiency, New Revenue Generation]
Source: Infonetics 2015 NFV Survey
NFV – May Not be That Simple As it Appears
Source: Infonetics 2015 NFV Survey
Industry and Open Source Efforts around NFV
[Figure: industry and open source efforts grouped by area. Labels as they appear on the slide: OpenConfig; SDN, Controllers APIs, Service Chaining Data Models, Config. Management; Cloud Orchestration Data Plane Infrastructure; End-to-End Reference Architecture for NFV.]
ETSI NFV End-to-End Reference Architecture
[Figure: ETSI NFV reference architecture. Blocks: OSS/BSS; EMS 1, EMS 2, EMS 3; VNF 1, VNF 2, VNF 3; NFVI (Virtual Computing, Virtual Storage, Virtual Network, Virtualisation Layer, and Hardware resources: Compute Hardware, Storage Hardware, Network Hardware); NFV Management and Orchestration (Orchestrator, VNF Manager(s), Virtualised Infrastructure Manager(s)); Service, VNF and Infrastructure Description. Reference points: Or-Vi, Or-Vnfm, Vi-Vnfm, Os-Ma, Se-Ma, Ve-Vnfm, Nf-Vi, Vn-Nf, Vl-Ha. Legend: Execution reference points, Main NFV reference points, Other reference points.]
[Figure: ETSI NFV groups. Labels: Technical Steering Committee; Infrastructure WG; S/W Architecture WG; Management and Operations (MANO WG); Reliability and Availability; Performance and Portability; Security; Expert Groups.]
ETSI NFV Terminologies
•  NF: A Network Function (NF) is a building block within an operator's network infrastructure, which has well defined external interfaces and a well defined functional behaviour. In practical terms a Network Function is today often a network node.
•  VNF: A Virtual Network Function (VNF) provides exactly the same functional behaviour and interfaces as the equivalent Network Function, but is deployed in a virtualised environment.
•  NFVI: The NFV-Infrastructure (NFVI) is the totality of all hardware and software components which build up the environment in which VNFs are deployed, managed and executed.
•  NFVO: The NFV-Orchestrator (NFVO) is software to operate, manage and automate the distributed NFV Infrastructure. The Orchestrator has control and visibility of all VNFs running inside the NFV-Infrastructure.
•  VNFM: The VNF Manager performs lifecycle management of VNFs and the associated NFVI resources.
•  VIM: The Virtualised Infrastructure Manager manages the NFVI components, and specialist VIMs are permitted (e.g. compute, storage and network). An example of a specialist VIM could be the Network Controller that delivers the SDN controller function.
Sample Data Plane Connectivity Models for VNFs / VMs
Multi-tenanted vSwitch
•  Multi-tenanted vSwitch (such as OVS) in the kernel, possibly with an additional extension to do routing
•  Performance may be a typical concern
•  Other possible concerns – fault tolerance, kernel recertification needs …
[Diagram elements: Tenant VMs, vSwitch, KVM, NIC]
vSwitch (as Patch Panel)
•  High performance multi-tenanted vRouter/vSwitch in the user space
•  vSwitch in the kernel as patch panel for tenant VM connectivity
•  Concern – the vSwitch patch panel performance
[Diagram elements: Tenant VMs, Multi-tenanted vRouter / vSwitch, vSwitch, KVM, NIC]
Sample Data Plane Connectivity Models for VNFs / VMs …
High Performance Multi-tenanted vRouter/vSwitch
•  Move the high performance multi-tenanted vRouter / vSwitch into the kernel space
•  Remove the need for an additional vSwitch as patch panel
•  But fault tolerance and other kernel related issues are back in this model
[Diagram elements: Tenant VMs, KVM, NIC]
•  Retain the high-performance multi-tenanted vRouter/vSwitch as a user space process
•  Use vhost-user for inter-VM traffic by direct memory copy – no hypervisor involved
•  Need to ensure proper memory copy operation to ensure security, stability etc.
[Diagram elements: Tenant VMs, Multi-tenanted vRouter / vSwitch, vHost-user, KVM, NIC]
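The vhost-user model above depends on the user-space vRouter/vSwitch copying directly out of tenant VM memory, so every guest-supplied buffer address has to be checked before the copy. The following C code is an added example, not taken from the slides and not the vhost-user library API: `struct mem_region`, `gpa_to_hva`, `copy_from_guest`, `try_copy` and the sample regions are hypothetical names and constructed data. It accepts a descriptor only when the whole range lies inside one registered region, using overflow-safe arithmetic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified view of one guest memory region that the
 * user-space vSwitch has mapped into its own address space. */
struct mem_region {
    uint64_t guest_phys_addr; /* start of the region in guest physical space */
    uint64_t size;            /* region length in bytes */
    uint8_t *host_base;       /* where the backend mapped it */
};

/* Translate a guest physical range to a host pointer. Returns NULL unless
 * [gpa, gpa + len) lies wholly inside a single registered region. */
uint8_t *gpa_to_hva(const struct mem_region *regions, size_t n,
                    uint64_t gpa, uint64_t len)
{
    if (len == 0)
        return NULL;
    for (size_t i = 0; i < n; i++) {
        const struct mem_region *r = &regions[i];
        if (gpa < r->guest_phys_addr)
            continue;
        uint64_t off = gpa - r->guest_phys_addr;
        /* Compare by subtraction so that gpa + len can never wrap. */
        if (off >= r->size || len > r->size - off)
            continue;
        return r->host_base + off;
    }
    return NULL;
}

/* Copy a guest-described buffer into a bounded packet buffer.
 * Returns the bytes copied, or -1 if the descriptor is rejected. */
long copy_from_guest(const struct mem_region *regions, size_t n,
                     uint64_t gpa, uint32_t len, uint8_t *dst, size_t dst_cap)
{
    if (len > dst_cap)
        return -1;
    const uint8_t *src = gpa_to_hva(regions, n, gpa, len);
    if (src == NULL)
        return -1;
    memcpy(dst, src, len);
    return (long)len;
}

/* Constructed sample: two tenant regions backed by static arrays. */
static uint8_t tenant_a[4096], tenant_b[4096];
static const struct mem_region sample_regions[2] = {
    { 0x100000, sizeof tenant_a, tenant_a },
    { 0x200000, sizeof tenant_b, tenant_b },
};

/* Run one constructed descriptor through the checked copy. */
long try_copy(uint64_t gpa, uint32_t len)
{
    static uint8_t pkt[2048];
    return copy_from_guest(sample_regions, 2, gpa, len, pkt, sizeof pkt);
}

int main(void)
{
    printf("in range:       %ld\n", try_copy(0x100000, 64));
    printf("crosses end:    %ld\n", try_copy(0x100fc1, 64));
    printf("unmapped gap:   %ld\n", try_copy(0x180000, 64));
    printf("address wraps:  %ld\n", try_copy(0xfffffffffffffff0ULL, 64));
    return 0;
}
```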
Sample Data Plane Connectivity Models for VNFs / VMs …
•  No multi-tenanted vRouter/vSwitch anymore
•  Use a TOR switch for VXLAN – VLAN mapping
•  Appropriate VLANs mapped to the VMs through the vSwitch in the kernel
•  Scalable Layer 3 service chaining may be a challenge to implement
[Diagram elements: Tenant VMs, vSwitch, KVM, NIC, 802.1q, TOR Switch, VXLAN / MPLSoGRE]
•  No vSwitch anywhere
•  Use a TOR switch for VXLAN – VLAN mapping
•  SR-IOV to map the traffic from PNIC to the appropriate VMs
•  Scalable Layer 3 service chaining may be a challenge to implement
[Diagram elements: Tenant VMs, SR-IOV, KVM, NIC, 802.1q, TOR Switch, VXLAN / MPLSoGRE]
Encapsulation within the DC / NFV POD for MPLS Operators
Current Approaches
[Diagram elements: CPE, PE, DCI, DCI, vNAT, vFW; encapsulation labels: IPIP, MPLS, VXLAN / MPLSoGRE / MPLSoUDP]
Possible Alternate?
[Diagram elements: CPE, PE, DCI, DCI, vNAT, vFW; encapsulation labels: IPIP, MPLS, MPLS (Segment Routing / LDP)]
End-to-end common encap, uniform OAM, easy operations and troubleshooting
But now, the DC/NFV POD underlay devices need to run label switching
Service Chaining in NFV
•  Many thoughts across the industry and technical communities
•  Different solutions emerging –
    •  Network Service Header (NSH) – being standardized at IETF
    •  L3 Routed Service Chain (orchestrated) along with BGP for WAN integration
    •  Segment Routing based service chaining
    •  VLAN stitching
•  NSH is gaining traction and has a lot of promise
•  Extensive metadata capabilities to carry a rich set of policies
•  In-band OAM becoming a possibility – the IP and Ethernet generation had missed it so far
•  However, some feedback is coming in about its complexity
•  True benefit of NSH may require all VNFs to support it across the industry
•  There may be some issues with time to market, performance impact etc.
Service Chaining with Network Service Header
•  Data Plane
    •  Traffic steering & metadata
    •  Carry rich policy, end-to-end context
    •  End-to-end visibility and OAM
•  Service Chaining Orchestration
    •  Define service chains & build service paths
•  Control / Policy Planes
    •  Instantiate service chains adhering to policy
[Figure: service header field layout drawn against a 32-bit ruler (bits 0 to 31), one row per line:
    D | Rsvd | Source Switch ID | Source Interface ID
    Reserved | Tenant ID
    Destination Class / Reserved | Source Class
    Service Classification Data]
[Diagram elements: Service Chaining Orchestration; Control Plane; Policy Plane; two Service Function Forwarders (SFF), each with a Service Classifier, (v)switch forwarding, SF (VM) and SF (Physical) attached by VLAN; Network Overlay + Service Header; Service Header]
Transit Service Chain For Secure Cloud Interconnect
[Diagram elements: Customer 1 (wants FW, DPI); Customer 2 (wants FW, NAT, DPI); WAN; Managed Service POD with service chains vFW, vDPI and vFW, vNAT, vDPI; Orchestration; Peering / Cloud Interconnect; Virtual Private Cloud; Private Cloud; Public Cloud]
•  On-demand Service Chain spun up at the Peering DC/POD as per the requirement of the end-user
•  The policy is to send traffic from the respective customer site towards the Cloud SP via their Service Chain
Mobile Packet Core and SGi-LAN Virtualization
[Diagram elements: Mobile Control Plane Environment with Home Subscriber System (HSS), Mobile Mgmt Entity (MME) and Policy and Charging Rules Function (PCRF); User Plane Environment with User Equipment, LTE Radio Access Network, Serving Gateway and Packet Gateway; SGi-LAN with service functions SF 1 to SF 6; Internal Application; OTT Application 1; OTT Application 2]
NFV – How to build / Augment Operations skillsets
•  Most existing technologies, protocols and associated skills are equally required
•  On top of that, new skills need to be acquired
    •  x86 Server Virtualization
    •  Virtualization on Linux (and KVM/QEMU) Environment
    •  Cloud Orchestration Systems – such as OpenStack
    •  Virtual Switches – OVS, Netmap/VALE, Snabbswitch, Vendor Specific etc.
    •  SDN Controllers – OpenDaylight, Vendor Specific
    •  Device Programmability and APIs – NETCONF, YANG, RESTCONF, REST APIs, OF….
    •  Service Function Chaining – especially NSH (Network Service Header)
    •  Network based Virtual Overlay transport – VXLAN, MPLSoGRE/UDP, LISP, L2TPv3…..
    •  Automation Tools – Puppet / Chef etc.
    •  Management, Orchestration, OSS Fundamentals
    •  …..
Thank you.
