S04.

Arquitectura para NFV

Redes Software
Grados familia Ing. Telecomunicación

Curso 2021-22

Departamento de Ingeniería Telemática

Pedro A. Aranda Gutiérrez – Carlos Jesús Bernardos Cano

Universidad Carlos III de Madrid
[email protected] , [email protected]

Materials taken from the SDN-NFV Master program @ UC3M

1 / 37

Outline

1 Introduction

2 Network Function Virtualisation (NFV) Architecture

3 NFV Framework

4 Network Services

5 NFV Reference Architecture

2 / 37
 The course outline

• PART I: Introduction
• PART II: Virtualisation
• PART III: Software Defined Networks
• PART IV: Network Function Virtualisation
▶ Introduction and motivation
▶ NFV architecture
▶ VNF software architecture

3 / 37

Useful references

• “Foundations of Modern Networking: SDN, NFV, QoE ,

IoT, and Cloud,” William Stallings, Addison-Wesley
Professional, 1st edition, 2015
▶ Book available online at UC3M’s library

• “Network Function Virtualisation,” Ken E. Gray and

Thomas D. Nadeau, Morgan Kaufmann, 2016
▶ Book available online at UC3M’s library

4 / 37
Outline

1 Introduction

2 NFV Architecture

3 NFV Framework

4 Network Services

5 NFV Reference Architecture

5 / 37

NFV vs. current practice

• In current networks: Network Functions (NFs) are implemented as a

combination of vendor specific software and hardware
• NFV introduces a number of differences:
▶ Decoupling software from hardware
HW and SW can evolve independently
▶ Flexible network function deployment
Sharing resources is much easier
Faster deployment of new services
▶ Dynamic scaling
Greater flexibility, scaling can be done for example according to actual traffic
• Decoupling NFs from dedicated HW does not require virtualisation of
resources, but note the gains of doing so

6 / 37
“The” NFV architecture
• Widely embraced architecture defined by ETSI
▶ Introduced in ETSI GS NFV 002
• Goals of the ETSI NFV architectural framework
▶ Outline an architecture that supports Virtual Network Function (VNF) operation across different hypervisors and
computing resources and which provides access to shared storage, computation, and physical/virtual networking
▶ Outline a software architecture with VNFs as building blocks to construct VNF Forwarding Graphs
▶ Define an interface between management and orchestration of NFV with other management systems, such as
Element Manager System (EMS), NMS, and OSS/BSS
▶ Support a range of network services with different reliability and availability levels leveraging virtualisation
techniques

7 / 37

“The” NFV architecture

• Goals of the ETSI NFV architectural framework (cont’d)
▶ Ensure the virtualisation does not cause any new security threat
▶ Address performance related issues unique to virtualisation
▶ Minimize the interworking impact between virtualised and non-virtualised network functions
• Aspects common to Physical and Virtualised Network Functions are left out of the scope
▶ The specifics of the Network Functions themselves, their interface protocols, as well as management functions
related to the functionality performed by the NF
▶ Direct control, operation and management of physical network infrastructure
▶ The actual packet flow, control, operation and management of the E2E network service
▶ Implementation details of the architecture itself

8 / 37
Outline

1 Introduction

2 NFV Architecture

3 NFV Framework

4 Network Services

5 NFV Reference Architecture

9 / 37

High-level NFV framework

• Composed of 3 key elements / domains
▶ Virtualised Network Function (VNF)
Software implementation of a network function which is capable of running over the NFV Infrastructure (NFVI)
▶ NFV Infrastructure (NFVI)
NFVI supports the execution of the VNF
Includes the diversity of physical resources and how these can be virtualised
▶ NFV Management and Network Operation (MANO)
Covers the orchestration and lifecycle management of physical and/or software resources that support the infrastructure
virtualisation, and the lifecycle management of VNFs

10 / 37
High-level NFV framework
Virtual Network Functions (VNFs)

Services VNF VNF VNF VNF

NFV Infrastructure (NFVI)

NFV
Virtual Virtual Virtual Virtual Management
resources Storage Compute Network and
Orchestration
Virtualisation Layer

Physical
Storage Compute Network
resources
Hardware resources

11 / 37

High-level NFV framework

• The NFV framework enables dynamic construction and management of VNF instances and the
relationships between them regarding data, control, management, dependencies and other attributes
• 3 different architectural views of VNFs
▶ A virtualisation deployment/on-boarding perspective where the context can be a Virtual Machine (VM)
▶ A vendor-developer software package perspective where the context can be several inter-connected VMs and a
deployment template that describes their attributes
▶ An operator perspective where the context can be the operation and management of a VNF received in the form
of a vendor software package

12 / 37
Relations between VNFs
• 2 types of relations considered so far
▶ VNF Forwarding Graph (VNFFG)
The network connectivity between VNFs is specified
E.g., chain of functions traversed in the path to a web server (load balancers, NATs, firewalls, etc )
▶ VNF Set
The connectivity between VNFs is not specified
E.g., pool of independent servers
• The forwarding aspects of a VNFFG are very important to understand how NFV is used to deploy services

13 / 37

Network Services
• An end-to-end network service can be described by an NF Forwarding Graph of interconnected Network
Functions (NFs) and end points
▶ These network functions can be implemented in a single operator network or interwork between different
operator networks
Some architectural options reported in GS NFV-IFA 009
▶ The underlying network function behaviour contributes to the behaviour of the higher-level service
Network service behaviour: combination of the behaviour of its functional blocks (individual NFs, NF Sets, NF
Forwarding Graphs, and/or the infrastructure network)

14 / 37
Network Services
• The end points and the network functions of the network service are represented as nodes
▶ These nodes correspond to devices, applications, and/or physical server applications
• An NF Forwarding Graph can have network function nodes connected by logical links
▶ Example: chain of network functions
▶ NFV area of activity within the operator-owned resources
Customer-owned devices are out of the scope
But virtualisation and network-hosting of customer functions is possible and is in the scope of NFV

15 / 37

Outline

1 Introduction

2 NFV Architecture

3 NFV Framework

4 Network Services

5 NFV Reference Architecture

16 / 37
Network Services

End End
Point Point
A NF1 NF2 NF3 B

17 / 37

Network Services
The networks involved

End End
Point Point
A NF1 NF2 NF3 B

Infrastructure Infrastructure Infrastructure

Network Network Network
1 2 3

End Point A and the

Network Functions are
interconnected by the
Infrastructure Network 1
(wired or wireless)

17 / 37
Network Services
The networks involved

End End
Point Point
A NF1 NF2 NF3 B

Infrastructure Infrastructure Infrastructure

Network Network Network
1 2 3

NF Forwarding Graph
composed of NF1,
NF2 and NF3, inter-
connected via logical
links provided by the
Infrastructure Network 2

17 / 37

Network Services
The networks involved

End End
Point Point
A NF1 NF2 NF3 B

Infrastructure Infrastructure Infrastructure

Network Network Network
1 2 3

NF End Point B and the

Network Functions are
interconnected by the
Infrastructure Network
3 (wired or wireless)

17 / 37
 Network Services
The network service proper

End-to-end service

Network Function (NF) Forwarding Graph

End End
Point Point
A NF1 NF2 NF3 B

Infrastructure Infrastructure Infrastructure

Network Network Network
1 2 3

Network Service

17 / 37

Network Services
The end-to-end vision

End-to-end service

Network Function (NF) Forwarding Graph

End End
Point Point
A NF1 NF2 NF3 B

End-to-end Network Service

17 / 37
Network Services
What is hidden?

VNF-FG from the previous slide

VNF-FG-2
Virtual
Logical link resources
NF2a
NF2b hosted on
physical
machines
End NF1 NF2c NF3 End
Point Point
A B
Virtualisation Layer

NFVI-PoP

NFVI-PoP NFVI-PoP
Hardware
resources
Physical link NFVI-PoP
in physical
locations

18 / 37

NFV Principles

• Virtual Network Functions are the building blocks used to create end-to-end network services
• Three key NFV principles are involved in creating practical network services:
▶ Service chaining
VNFs are modular and each VNF provides limited functionality on its own
For a given traffic flow within a given application, the service provider steers the flow through multiple VNFs to achieve
the desired network functionality
▶ Management and orchestration (MANO)
Deploying and managing the lifecycle of VNF instances
VNF instance creation, VNF service chaining, monitoring, relocation, shutdown, and billing
MANO also manages the NFV infrastructure elements
▶ Distributed architecture: A VNF may be made up of one or more VNF Components (VNFCs)
Each VNFC implements a subset of the VNF’s functionality
Each VNFC may be deployed in one or multiple instances. These instances may be deployed on separate, distributed
hosts to provide scalability and redundancy

19 / 37
Implications of NFV
• The NFV architectural framework addresses the following:
▶ The functionality that is required to be realised by the NFVI
▶ The functionality that is required due to decoupling network functions into software and hardware
▶ The functionality that is required for NFV-specific management and orchestration
• Let’s look more closely at the NFV architecture

20 / 37

NFV terminology (I)

Term Definition

Compute domain Domain within the NFVI that includes servers and storage
Infrastructure network Domain within the NFVI that includes all networking that interconnects compute/s-
domain torage infrastructure
NF Functional block within a network infrastructure that has well-defined external inter-
faces and well-defined functional behaviour. Typically, a network node or physical
appliance
Network Function Virtu- Principle of separating network functions from the hardware they run on by using
alisation (NFV) virtual hardware abstraction
NFV Infrastruc- The totality of all hardware and software components that build up the environment
ture (NFVI) in which VNFs are deployed. The NFV-Infrastructure can span across several lo-
cations. The network providing connectivity between these locations is regarded to
be part of the NFVI
NFVI-Node Physical device[s] deployed and managed as a single entity, providing the NFVI
Functions required to support the execution environment for VNFs NFVI-PoP N-
PoP where a Network Function is or could be deployed as Virtual Network Function
Network forwarding Ordered list of connection points forming a chain of NFs, along with policies asso-
path ciated to the list

21 / 37
NFV terminology (II)
Term Definition

Location where a Network Function is implemented as either a Virtual Network

Network PoP (N-PoP) Function (VNF) or a Physical Network Function (PNF)
Composition of Network Functions and defined by its functional and behavioural
Network Service (NS) specification
Physical Network Func- An implementation of a NF via a tightly coupled software and hardware system.
tion (PNF) This is typically a proprietary system
Virtual Machine (VM) A virtualised computation environment that behaves very much like a physical com-
puter/server
Virtual network A topological component used to affect routing of specific characteristic informa-
tion. The virtual network is bounded by its set of permissible network interfaces. In
the NFV architecture, a virtual network routes information among the network in-
terfaces of VM instances and physical network interfaces, providing the necessary
connectivity
Virtual Network Func- An implementation of an NF that can be deployed on a NFVI
tion (VNF)
VNF Forwarding Graph Graph of logical links connecting VNF nodes for the purpose of describing traffic
(VNFFG) flow between these network functions
VNF Set Collection of VNFs with unspecified connectivity between them

22 / 37

Outline

1 Introduction

2 NFV Architecture

3 NFV Framework

4 Network Services

5 NFV Reference Architecture

23 / 37
NFV reference architecture NFV Management and Orchestration
On-Ma-nfvo NFV
OSS/BSS
Orchestrator
On-Vnfm
Ve-Vnfm-em
EM1 EM2 EM3 EM4 VNF Service, VNF and
VNF
VNF
Manager(s) Infrastructure
Ve-Vnfm-vnf
Manager(s)
Manager(s)
VNF1 VNF2 VNF3 VNF4 Description

Vn-Nf Vn-Nf Vn-Nf Vn-Nf

NFVI
Vi-Vnfm
Virtual Virtual Virtual
Computing Storage Network

Virtualisation Layer
Virtualised
Virtualised
Vi-Ha
Virtualised
Nf-Vi Infrastructure
Infrastructure Or-Vi
Infrastructure
Hardware resources Manager(s)
Manager(s)
Manager(s)
Computing Storage Network
Hardware Hardware Hardware

24 / 37

NFV reference architecture

• NFV infrastructure (NFVI)
▶ HW and SW resources that create the environment in which VNFs are deployed
▶ NFVI virtualises physical computing, storage, and networking and places them into resource pools
• VNF/Element Manager (EM)
▶ Collection of VNFs implemented in SW to run on virtual computing, storage, and networking resources, and
▶ Collection of EMSes that manage the VNFs
• NFV management and orchestration (NFV-MANO)
▶ Framework for the management and orchestration of all resources in the NFV environment (computing,
networking, storage, and VM resources)
• OSS/BSS
▶ Operational and business support systems implemented by the VNF service provider

25 / 37
NFV reference architecture
• Alternative 3-layer view of the architecture
▶ NFVI + virtualised infrastructure manager
Provide and manage the virtual resource environment and its underlying physical resources
▶ VNF layer
Provides the software implementation of network functions, together with element management systems and one or
more VNF managers
▶ Management, orchestration, and control layer
Consists of OSS/BSS and the NFV orchestrator
The NFV Management and Network Operation (MANO) includes the following functional blocks:
NFV Orchestrator (NFVO): Responsible for installing and configuring new network services (NS) and virtual network
function (VNF) packages, NS lifecycle management, global resource management, and validation and authorization of
NFVI resource requests
VNF Manager (VNFM): Oversees lifecycle management (e.g. instantiation, update, query, scaling, termination) of VNF
instances
Virtualised Infrastructure Manager (VIM): Controls and manages the interaction of a VNF with computing, storage, and
network resources under its authority, in addition to their virtualisation

26 / 37

NFV reference architecture

Reference points

Source: ETSI NFV ISG webpage

27 / 37
NFV Infrastructure (NFVI)
• The NFVI is the combination of both HW and SW components which build up the environment in which
VNFs are deployed, managed and executed
▶ Can span across several locations
Where NFVI Points-of-Presence (PoPs) are operated
▶ The network providing connectivity between these locations is considered part of the NFVI
• From VNF perspective, the virtualisation layer and the HW resources are a single entity providing the
desired virtualised resources

28 / 37

NFV Infrastructure
HW resources
• Physical resources include computing HW, storage and network (nodes and links)
▶ Computing HW assumed to be Commercial off-the-shelf (COTS)
▶ Storage resources can be shared Network Attached Storage (NAS) or storage that resides on the server itself
▶ Network resources
• Network resource types
▶ NFVI-PoP network
Interconnecting the computing and storage resources contained in an NFVI-PoP
Also includes specific switching and routing devices to allow external connectivity
▶ Transport network
Interconnecting NFVI- PoPs , NFVI- PoPs to other networks owned by the same or different network operator, and
NFVI- PoPs to other network appliances or terminals not contained within the NFVI- PoPs

29 / 37
NFV Infrastructure
Virtualisation layer and Virtualised resources
• Virtual resources are abstractions of the computing, storage and network resources
▶ Abstraction achieved using the Virtualisation layer
Decouples the VNF software from the underlying hardware, thus ensuring a hardware independent lifecycle for the
VNFs
▶ Hypervisors and VMs for computing and storage resources
▶ Software-Defined Networking (SDN) is one of the drivers for network virtualisation
• The virtualisation layer is responsible of
▶ Abstracting and logically partitioning physical resources
▶ Enabling the software that implements the VNF to use the underlying virtualised infrastructure
▶ Providing virtualised resources to the VNF, so that the latter can be executed
• Not restricted to any specific virtualisation layer solution
▶ In some cases VMs may have direct access to hardware resources (e.g. network interface cards) for better
performance

30 / 37

NFV Infrastructure
Virtualisation layer and Virtualised resources
• Network HW is abstracted by the virtualisation layer to realise virtualised network paths that provide
connectivity between VMs of a VNF and/or between different VNFs
▶ Several techniques can be used, e.g. virtual networks and network overlays, such as VLAN, VxLAN , NVGRE,
etc.
▶ Also considered approaches that centralise the control plane of the transport network and separating it from the
forwarding plane, such as SDN

31 / 37
Virtualisation Layering and NFVI Support
• The primary tools to realise the virtualisation layer are the hypervisors
▶ The NFV architectural framework should accommodate a diverse range of hypervisors
▶ VNFs are envisioned to be deployed as one or more VMs
ETSI GS NFV-EVE 004 discusses other virtualisation technologies (e.g. Containers,. . . )
▶ The virtualisation layer should provide open and standard interfaces
▶ Independence of HW resources and portability
▶ Performance and cost efficiency are also important
• Hypervisors are one of the potential solutions for the deployment of VNFs, not the only one
▶ VNF operation should be independent of its deployment scenario

32 / 37

NFV Infrastructure Domains

• The NFVI encompasses 3 domains

▶ Compute domain
Provides Commercial off-the-shelf (COTS)
high-volume servers and storage
▶ Hypervisor domain NVFI Hypervisor domain
Mediates the resources of the compute domain to
the VMs of the software appliances, providing an Virtual Virtual Virtual
abstraction of the hardware Computing Storage Network
▶ Infrastructure network domain
Comprises all the generic high volume switches
Virtualisation Layer
interconnected into a network that can be
Computing Storage Network
configured to supply infrastructure network services
Hardware Hardware Hardware

Compute domain
Infrastructure
network domain

33 / 37
VNFs and Services
• Network Function
▶ Functional block within a network infrastructure
▶ Well defined external interfaces and functional behaviour
▶ Examples: a residential GW, a DHCP server, . . .
• Virtual Network Function
▶ Implementation of an NF deployed on virtual resources (e.g., a VM)
▶ A single VNF may be composed of multiple internal components, hence deployed over multiple VMs
• Service
▶ Offering provided by a telco service provider
▶ Composed of one or more NFs
▶ From the users’ viewpoint, no difference if the service is made up of NFs, VNFs or a combination

34 / 37

VNF Software Architecture

• Virtualisation presents an opportunity of modular and slimmer software design of the conventional
monolithic NFs
▶ VNF decomposition
A VNF can be decomposed into smaller functional modules for scalability, reusability, and/or faster response
▶ VNF composition
Alternatively, multiple VNFs can be composed together to reduce management and VNF Forwarding Graph complexity
E.g., Implementing SGW and PGW in a “SGW-PGW”
▶ Different management needs may arise when VNFs are composed or decomposed out of other VNFs

35 / 37
NFV MANO
Management and Network Operation (MANO)
• Provides the functionality required for the provisioning of the VNFs, and related operations
▶ the configuration of the VNFs, and
▶ the configuration of the infrastructure the VNFs run on
• Includes orchestration and lifetime management of physical and/or software resources supporting the
infrastructure virtualisation and the lifecycle management of VNFs
• Includes databases used to store information and data models defining deployment and lifecycle properties
of functions, services and resources
• Defines interfaces used for communications between components of the MANO, as well as coordination
with traditional network management, such as OSS/BSS

36 / 37

Next sessions
• Network Function Virtualisation: S05
▶ VNF software architecture
OSM demo

37 / 37