System Issues in Cloud Computing

Mini-course: Network Function Virtualization

KISHORE RAMACHANDRAN, PROFESSOR

School of Computer Science
College of Computing
 Lesson 4 - Deploying
Virtualized Network Functions
in managed Cloud
infrastructures
Headshot
Middleboxes were typically deployed on premises, which led to the practice
of deploying NFV applications on on-premise clusters too. However, the
growth of the public cloud makes migrating these applications a way to
reduce expenditure for enterprises as well as minimize manual management
of the NFV applications. This is similar to the transition that enterprises
went through when they replaced their on-premise IT infrastructure by
managed cloud services.

In this lecture we will discuss techniques that enable offloading NFV

workload to a managed cloud, as well as other developments in the
telecommunications industry that makes offloading NFV workloads viable.
Outline
● Benefits of using managed cloud services for hosting enterprise’s
NFs
● Techniques for offloading network functions to managed cloud
● Observed performance of NF offloading
● Mobile edge computing for enabling efficient offloading of NFs
○ Related initiative: OpenCOORD
● Cloud-RAN (Radio Access Network) as another use-case for NFV on
MEC
Offloading middlebox processing to the cloud
Traditional on-premise NFs

NF processing offloaded to cloud

Internet

Cloud
Enterprise network datacenter

Internet
Traffic
Redirection
Enterprise network
Why offload NF processing to the cloud ?
● Leverage economy of scale to cut costs
● Simplify management
○ No need for training personnel
○ Upgrades are handled by cloud provider
○ Low-level configuration of NFs is replaced by policy
configurations
■ Avoid failures due to misconfiguration
● Elastic scaling
○ Scale in/out works much better on cloud Vs. on premise
■ Avoid failures due to overload
Transition
Important questions to answer
● How is the redirection implemented ?
○ Functional equivalence needs to be maintained
○ Latency should not be inflated
● How to choose cloud provider to offload to ?
○ Dependent on cloud provider’s geographical resource
footprint
Bounce redirection
● Simplest form of redirection
● Tunnel ingress and egress
traffic to the cloud service
● Benefit: Does not require any
modification to the enterprise Enterprise
Gateway
or the client applications
● Drawback: Extra round trip to Average latency between
Georgia Tech campus and Microsoft Azure regions
the cloud
Region Average Latency (ms)
○ Can be feasible if cloud East US(Virginia) 24 ms

Point-of-Presence is located East US 2(Virginia) 28 ms

close to enterprise North Central US(Illinois) 37 ms

Source : https://www.azurespeed.com/Azure/Latency
IP Redirection
● Save extra round-trip by sending
client traffic directly to the cloud
service
● Cloud service announces IP prefix on
behalf of the enterprise
● Drawback: multiple Point of Presence
(PoP)
○ Cannot ensure that same PoP
receives both flows a→b and b→a
(There is not guarantee about
which PoP ends up receiving Enterprise
Gateway
client’s packets since all PoPs
advertise the same IP address
range)
○ Since traffic is directed using
DNS-based redirection
● Cloud provider runs DNS
resolution on behalf of
enterprise
● Enterprise can send reverse
traffic through the same cloud
PoP as forward traffic
○ Gateway looks up
Enterprise GW
destination Cloud PoP’s IP
address in DNS Service
● Drawback : loss of backwards
compatibility
○ Legacy enterprise
applications expose IP
Smart redirection
For each client c and enterprise site e,

Choose the cloud PoP P*(c,e) such that

P*(c,e) = arg minP [Latency(P, c) + Latency(P,e)]

Requires the enterprise gateway to maintain multiple tunnels to each

participating PoP

- Cloud service computed estimate latencies between PoPs and

clients/enterprises using IP address information
Transition
Latency inflation due to redirection
● Original latency = Host 1 → Host 2
● Inflated latency = Host 1 → Cloud
PoP → Host 2
● More than 30% of host pairs have
Inflated latency < original latency
○ Triangle-inequality is violated
in inter-domain routing
○ Cloud providers are well
connected to tier-1/tier-2 ISPs
What about bandwidth savings ?
● Middleboxes like Web Proxy, WAN HTTP
NAT FW
Proxy
accelerator are used to limit WAN
bandwidth used by enterprise Enterprise Network

○ HTTP Proxy limits WAN bandwidth

Public Cloud
usage by caching web pages
● If we move them to the cloud, WAN HTTP
NAT FW
Proxy
bandwidth becomes high for the
High WAN
enterprise bandwidth
● Safest solution is to not migrate those consumption
types of middleboxes
Enterprise
Gateway

Enterprise Network
What about bandwidth savings ?
Solution : Use general-purpose traffic HTTP
NAT FW
Proxy
compression in Cloud-NFV gateway
Enterprise Network

Public Cloud
Protocol agnostic compression technique Traffic HTTP
achieves similar bandwidth compression as compression
/decompression
Proxy
NAT FW

the original middlebox WAN bandwidth

usage reduced by
compressing
Traffic outgoing traffic
compression/
decompression
Enterprise
Gateway
Enterprise Network
Transition
Which cloud provider to select ?
● Amazon-like footprint
○ Few large (Points-of-
Presence) PoPs
● Akamai-like footprint
○ Large number of small
PoPs
● Emerging “edge-computing
providers”
Telecom providers are ideal for edge
computing
● Telecommunication providers like AT&T and Verizon possess a
geographical footprint much denser than AWS or Akamai
● Residential Broadband service providers use functions like virtual
Broadband Network Gateway (vBNG)
○ To provide residential broadband users with services like
subscriber management, policy/QoS management, DNS, routing
○ Service providers also offer services like Video-on-Demand CDN,
virtual Set Top Box
https://wiki.onap.org/pages/viewpage.action?pageId=3246168
● Such services are deployed close to the subscribers
○ These compute resources are potential candidates for offloading
Transition
OpenCORD initiative
● Telecommunication providers own Central Offices
○ Contain switching equipment
● OpenCORD : Central Office Re-architected as a
Datacenter
● Setting up central offices with general purpose
servers
● Provides infrastructure services
○ Deploy their own network functions
○ For 3rd parties to deploy NFV functions
● Allow enterprises to host network functions on
Location of Central Offices around Atlanta
virtualized hardware (potential fog location candidates)
○ Colocated with telecom provider’s network
functions
● This becomes a candidate realization of mobile edge
computing
Remote sites require illusion of homogeneous
network
● Organizations like Chick Fil A or Honeywell have geo-distributed
sites
○ Each site needs multiple network services
○ Firewalls, IDS, Deep Packet Inspection, HTTP Proxy, WAN
optimizer
● Used to be implemented on custom hardware on-premise
○ Can be offloaded to a managed service
Virtualized customer premise equipment

Virtual CPE (Customer Premise

Equipment)

● Serves as a gateway for multiple

parts of an Enterprise Network to
connect to each other
● Placed in Edge PoP or Centralized
datacenter
● An industry solution for migrating
NFV to a cloud service
Transition
NFs in Cellular Networks
Another evolution that is happening that is moving NFV to managed
infrastructure
● Converting RAW cellular packets to IP ready packets

Different from earlier middleboxes (which were meant for IP packets)

Building blocks of a cellular network
● Access Network
○ Consists of base stations (evolved
NodeB - eNodeB) Internet
○ Acts as interface between end-users Control plane traffic
Data plane traffic
(User Equipment/UE) and Core
Network Core
Network P-GW
○ MAC scheduling for Uplink and
Downlink traffic
○ Header compression and user-data S-GW MME
encryption
○ Inter-cell Radio Resource Management Access
● Core network Network
○ Mobility control → making cell-tower
handoff decisions for each user
(Mobility Management Entity - MME)
○ Internet access → IP address
assignment and QoS enforcement
(Packet Data Network Gateway - P-
Traditional Radio-Access Networks
● Packet processing in access network perform 2 types of tasks
○ Analog radio function processing (RF processing) :
■ Digital-to-analog converter / Analog-to-digital conversion
■ Filtering and amplification of signal
○ Digital signal processing (Baseband processing) :
■ L1, L2 and L3 functionality
Evolution of base stations so far
1G and 2G 3G and 4G
networks networks

Antenna Antenna

Coaxial
to Core cable
to Core RF RRH

Baseband
Network (S1
Network (S1 Fiber
-band

interface)
Base

interface)
RF

to other base
to other base
stations
stations
(X2 interface)
(X2 interface)
RF and Baseband processing are Functions split between Remote
co-located in one unit (inside a Radio Head (RRH) and BaseBand
base station). Unit (BBU). BBU is typically located
within 20-40 kms away from
Benefits/Limitations of 3G/4G design
Benefits:
● Lower power consumption since RF
functionality can be placed on 3G and 4G
poles/rooftops ⇒ efficient cooling networks

● Multiple BBUs can be placed together in a

Antenna
convenient location ⇒ cheaper
maintenance
● One BBU can server multiple RRHs
to Core Network RF RRH

Baseband
(S1 interface)
Limitations:
to other base
● Static RRH-to-BBU assignment ⇒ Resource stations
(X2 interface)
underutilization
● BBUs are implemented as specialized
hardware ⇒ Poor scalability and failure
handling
Transition
Cloud Radio Access Network
● Virtualizes the BBUs in a BBU Pool
● Base-band Unit now implemented
as software running on general
RF RRH
purpose servers
● Allows elastic scaling of BBUs
RF RRH
based on current workload
● BBU-RRH assignment is dynamic, Baseband
Baseband RF RRH
Baseband
leading to higher resource
utilization RF RRH
Virtualized BBU Pool
Location of virtual BBU Pool?
● Splitting Radio Function and Base Band processing poses stringent
requirements on connecting links
○ Low latency
○ Low jitter
○ High throughput

● Need compute capacity in physical proximity of deployed base

stations
○ Geo-distributed computing infrastructure
○ Virtualization support required for scalable network processing
The complete picture
Internet
1. Cellular network providers
setup geo-distributed MEC
capacity Core Network

2. C-RAN functions are deployed

on MEC servers vBNG vBNG Baseband
HTTP
Proxy
NAT FW

3. MEC capacity is made Virtualization layer

available for enterprises to

offload their NFs
Enterprise
offloading
Coming together of IP level middleboxes

network functions and the RAN

level NFs
Resources
1. Sherry, Justine, et al. "Making middleboxes someone else's problem: network processing as a
cloud service." ACM SIGCOMM Computer Communication Review 42.4 (2012): 13-24.
2. MEC Deployments in 4G and Evolution Towards 5G
https://www.etsi.org/images/files/etsiwhitepapers/etsi_wp24_mec_deployment_in_4g_5g_final.pdf
3. Checko, Aleksandra, et al. "Cloud RAN for mobile networks—A technology overview." IEEE
Communications surveys & tutorials 17.1 (2014): 405-426.
4. CORD - Wiki Home
https://wiki.opencord.org/display/CORD/Documentation
5. Virtualizing Customer Premises With Service Function Chaining
https://www.opnfv.org/wp-content/uploads/sites/12/2016/11/opnfv_odl_vcpe_sfc_brief.pdf
Credits for figures
1. Sherry, Justine, et al. "Making middleboxes someone else's problem: network processing as a
cloud service." ACM SIGCOMM Computer Communication Review 42.4 (2012): 13-24.
2. Virtualizing Customer Premises With Service Function Chaining (Accessed : 03/11/2020)
https://www.opnfv.org/wp-content/uploads/sites/12/2016/11/opnfv_odl_vcpe_sfc_brief.pdf
Closing Headshot
That concludes our mini course on NFV. NFVs evolved as cousin of SDN
and now occupies its own position due to the ubiquity and necessity of
NFs in the enterprise IT landscape.