
MWEE MARAPR 2014

Network Virtualisation

Network Functions Virtualisation – fit for purpose?

Network Functions Virtualization introduces new levels of uncertainty into the already complex network environment, that demands a return to first principles and a test solution based on the accumulated knowledge and skills of experienced specialists, says Steve Jarman, Spirent

The virtualization of essential network functions – such as firewalls, BRAS, even customer premises routers etc – is catching on. You could say it had to happen, given the ubiquity of virtual technology and Moore’s Law increases in server power.

For many users the first experience of virtualization was a workaround for proprietary operating systems – the remarkable discovery that one could run a Windows PC on a Mac computer. Then came datacentre consolidation, where racks of autonomous servers converged into a single data processing resource out of which one could mould any number of virtual machines flexibly, as and when needed. From there to software-defined networking (SDN) where the new techniques allow the network infrastructure to be re-configured as needed via software and without needing to move or manually configure any physical cables or boxes.

But what about those physical boxes on the network? Large networks are populated with a growing number of proprietary hardware appliances – not just switches and routers but also security and deep packet inspection devices, QoE monitors, WAN accelerators and other specialist functions. Each time a service provider adds a new service it may be necessary to install further devices – time consuming in itself but also demanding additional space and power. What’s more, hardware goes out of date, and the whole expensive cycle from procurement to deployment has to be repeated.

Is it possible then to follow the datacentre consolidation approach and replace many of these specialist devices with software functions running in a small number of general purpose servers?
This is the essence of Network Functions Virtualisation (NFV). In the words of the original NFV White Paper it involves: “leveraging standard IT virtualisation technology to consolidate many network equipment types onto industry standard high volume servers, switches and storage, which could be located in Datacentres, Network Nodes and in the end user premises”. The idea is that ultimately any data plane packet processing and control plane function in fixed and mobile network infrastructures could be virtualized in this efficient manner.

It isn’t such a radical notion either, as PC-based network devices have been around for a while, providing cheap networking solutions for small businesses. Recent advances in last-mile Ethernet, improved network interface cards, and Intel’s increasing focus on integrated networking processing – allowing processor cores to be re-programmed into network processors – mean that today’s PC-based network devices are increasingly capable of handling traffic up to hundreds of Gbps.

NFV is already happening. In October 2012 a group of telcos including AT&T, BT, China Mobile, Deutsche Telekom and many others published an NFV Call to Action document, and an ETSI (European Telecommunications Standards Institute) committee was set up to promote the project.

NFV and SDN

SDN began as an academic project: a quest for flexibility in the network that would make it easier to in a research setting – and then industry caught on to the business benefits of a nimble network structure. NFV, however, began with that consortium of service providers sharing a solution to a challenge.

The idea of removing every network box and ending up with one central server installation is attractive, but a little too simple, because some network functions are tied to a physical location. Just as switches need to be at network junction points, a firewall, for example, needs to be at the edge where the internal network connects to the public network.
Allowing external traffic to travel through the internal network to a central server could be risky. SDN facilitates simple stateless firewall rules within a network switch, but full stateful functionality is still required. A pure NFV play may deploy virtual machine-based firewalls to servers at every entry point within the network, something that could be prohibitively expensive if using hardware appliances.

The ideal solution could involve a combination of SDN and NFV, because a virtualized network is far less restricted by location. In the above example: once the firewall function has been allocated to a specific virtual machine, a software-defined network could place it at the network edge regardless of its actual physical location, by providing a direct, quarantined link from the Internet to the virtual firewall before traffic enters the internal network.

At present, most providers using NFV are still relying on manual reconfiguring of the network to route traffic to the virtual network functions, but combining SDN and NFV in this way has incredible potential. Not only could a costly hardware device be run as a virtual machine in an off-the-shelf server, but in the event of network problems the task could shift to a different virtual machine and the network reconfigure immediately to make this possible.

Testing virtual network functionality

There is no doubt that NFV has a great future, all the more so when combined with SDN to allow automation and near real-time response to business needs. A golden future lies ahead but, as with so many technological advances, a swamp of

14 Microwave Engineering Europe March-April 2014 www.microwave-eetimes.com
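
The stateless-versus-stateful distinction drawn in the "NFV and SDN" section, as an added example that is not part of the original article: a per-packet header match, of the kind a switch flow rule performs, is compared with a connection-tracking filter over a constructed packet trace. The packet model, the addresses (documentation ranges), the port-443 policy and all names are assumptions made for illustration.

```python
from collections import namedtuple

# Constructed packet model: direction is "out" (internal -> public) or "in".
Pkt = namedtuple("Pkt", "direction src sport dst dport flags")

def stateless_allow(p):
    """Per-packet match on header fields only, as a switch flow rule would do."""
    if p.direction == "out":
        return p.dport == 443
    # Inbound: approximate "reply traffic" as source port 443 with ACK set.
    return p.sport == 443 and "A" in p.flags

class StatefulFirewall:
    """Tracks flows opened from inside; inbound must match a tracked flow."""
    def __init__(self):
        self.flows = set()

    def allow(self, p):
        if p.direction == "out":
            if p.dport != 443:
                return False
            key = (p.src, p.sport, p.dst, p.dport)
            if p.flags == "S":
                self.flows.add(key)          # new connection from inside
            ok = key in self.flows
            if "R" in p.flags:
                self.flows.discard(key)      # teardown removes the state
            return ok
        key = (p.dst, p.dport, p.src, p.sport)   # reverse of the tracked tuple
        ok = key in self.flows and p.flags != "S"
        if ok and "R" in p.flags:
            self.flows.discard(key)
        return ok

# Constructed trace: one legitimate handshake, then two unsolicited packets.
TRACE = [
    Pkt("out", "10.0.0.5", 50000, "203.0.113.10", 443, "S"),
    Pkt("in", "203.0.113.10", 443, "10.0.0.5", 50000, "SA"),
    Pkt("out", "10.0.0.5", 50000, "203.0.113.10", 443, "A"),
    Pkt("in", "198.51.100.7", 443, "10.0.0.5", 50000, "A"),   # no such flow
    Pkt("out", "10.0.0.5", 50000, "203.0.113.10", 443, "R"),
    Pkt("in", "203.0.113.10", 443, "10.0.0.5", 50000, "A"),   # after teardown
]

def compare(trace):
    """Return (stateless verdict, stateful verdict) for each packet in order."""
    fw = StatefulFirewall()
    return [(stateless_allow(p), fw.allow(p)) for p in trace]
```

The two filters agree on the legitimate handshake and diverge only on the inbound packets that belong to no tracked flow, which the header-only rule admits.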

