Professional Documents
Culture Documents
Toward An SDN-Enabled NFV Architecture: Etwork and Ervice Irtualization
Toward An SDN-Enabled NFV Architecture: Etwork and Ervice Irtualization
Toward An SDN-Enabled NFV Architecture: Etwork and Ervice Irtualization
depending on the associated service being troller and proposes its combination with SDN.
SDN and NFV are authorized or not. Similar to FlowNAC, there are also other efforts
The depicted scenario is challenging in sever- that aim at demonstrating the integration of
complementary tech- al aspects, and some topics are still open. The NFV and SDN. Reference [10] presents the
nologies, and each article concludes presenting the main challenges implementation of a routing function virtualiza-
can leverage off the introduced by the SDN-enabled NFV architec- tion based on NFV concepts that leverages on
ture and relates them to the current efforts to OpenFlow, although from the architectural
other to improve the bring the NFV proposal to fulfill the expected standpoint this work is not related to the archi-
flexibility and simplic- benefits. tecture proposed by ETSI. Other SDN technolo-
gies, like ForCES, have also positioned
ity of networks and themselves to demonstrate their applicability to
service delivery over
RELATED WORK NFV [11] and how the networking resources
them. For this aim, Major standardization efforts of the emerging could be exposed to the VNFs.
NFV technology are being led by the European From the related work, we can conclude that
new architectures Telecommunications Standards Institute (ETSI), currently there is a clear momentum for exploit-
and interfaces where the NFV Industry Specification Group ing networking innovation in the light of SDN
(ISG) has recently published 11 NFV specifica- and NFV. Moreover, open issues arise as a step
between them are tions, including the NFV architecture [2]. The forward is achieved; thus, work should continue
needed, and several defined architecture focuses on the aspects to bring us closer to a dynamic and flexible net-
proposals are unique to virtualization, such as the transforma- working infrastructure.
tion of the management and orchestration of
emerging. VNFs, rather than common challenges to both
physical and virtualized NFs, such as the control TOWARD AN SDN-ENABLED
and operation of the end-to-end network service.
Moreover, the NFV ISG is also coordinating and
NETWORK FUNCTION
promoting public demonstrations of proofs of VIRTUALIZATION ARCHITECTURE
concept (PoCs) [3] that illustrate key aspects of
NFVs, such as scalability, multi-tenancy, and The scenario to enable the dynamic deployment
migration issues. of VNFs is challenging from the networking
The Open Networking Foundation (ONF) point of view. It must support multi-tenancy,
has also been active in the NFV arena and has multiple service chains sharing the same physical
proposed “A Flexible NFV Networking Solu- resources, and traffic steering between the VNFs
tion” [4], outlining the benefits for the NFV to develop the service chain. In this context, the
deployment of an OpenFlow-enabled SDN traffic must be isolated not only among service
approach to deal with the dynamic provisioning chains but between the NFs that compose the
of networking services. service as well. SDN is a perfect complement to
Recently, the Internet Research Task Force deal with these requirements and with the
has published RFC 7426 [5], which proposes a dynamicity imposed to the network resources.
common terminology for SDN layering and Although the interaction between NFV and
architecture based on significant related work SDN is complementary, there is space for inno-
from the SDN research community. In this vation in this area, and their relationship can
regard, the work presented in this article mainly evolve beyond providing a network infrastructure
focuses on the separation between the control with enhanced capabilities to significantly
and forwarding planes, and is compatible with improve how the VNFs are designed. Next, we
this RFC, but narrows down the scope to multi- present a vision on the evolution of the NFV
tenancy and NFV-related implementation architecture from an SDN-agnostic approach to
aspects. a fully SDN-enabled architecture, also represent-
The work done by ETSI and ONF is relevant ed in Fig. 1.
as a reference to the two first steps of the NFV
architecture evolution, presented later. SDN-AGNOSTIC NFV ARCHITECTURE
As a contribution to progress in NFV Before the appearance of NFV, NFs were built
research, European Commission funded projects as a closed combination of software and hard-
like T-NOVA [6] and UNIFY [7]. The T-NOVA ware from vendors. NFV is a step forward for
project has the goal of designing a framework the provisioning of network functions and
for providing NFs as a service for all the stake- enables the decoupling of software from hard-
holders, while the UNIFY project seeks to open ware. This decomposition relies on the virtual-
up all the potential of virtualization and automa- ization layer, which exposes virtual resources
tion across the whole networking and cloud (i.e., computing, storage, and network) that
infrastructure. The work presented in this article become the building blocks for NFs. Moreover,
is related to the latter. the deployment of NFs becomes more flexible as
Some other works are also related to the evo- they are based on software and not attached to
lution of the NFV architecture and FlowNAC specific hardware. As the NF turns into instan-
proposal. Reference [8] demonstrates the appli- tiable software (VNF), it provides more flexibili-
cability of the ETSI architecture to deploy VNFs ty to scale up/down with finer granularity
in a resilient and scalable manner. The SIP-PBX according to the actual traffic and NF perfor-
service proposed is similar to FlowNAC in the mance.
sense that the control and data planes are clearly The NFV architecture promoted by ETSI
separated. Reference [9] introduces an ETSI- leverages on compute, storage, and network vir-
based architecture that ensures high availability tual resources, and NFs are virtualized and
and scalability for a virtual session border con- encapsulated as a software package, like a virtu-
al machine (VM), that relies on these compo- infrastructures by using a common interface. As
nents. The underlying network infrastructure, part of this contribution, the ONF depicts a pos-
included in the NFV infrastructure (NFVI), is sible interaction between the NFV Orchestration
abstracted to realize virtualized network paths component and the OpenFlow Controller, which
that provide connectivity to support the inter- is based on a northbound interface exposed by
connection between VNFs and with the end- the latter.
points [2]. Therefore, the VNFs are software Further pursuing this approach, the latest
boxes running on commodity servers to process documents from ETSI [13] integrate SDN with
the frames coming from the underlying network, the defined architecture and reference points for
and consequently, compute resources are the NFVI. However, the contributions of SDN
main architectural component to build the NFs. remain in the infrastructure network domain of
In this regard, virtual network resources are lim- the NFVI, focused on providing connectivity ser-
ited to providing an interface to the underlying vices; and despite being a perfect complement
network resources, which are mostly considered for NFV, it does not tackle the compute-based
just for providing connectivity service. design of VNFs. Since the main difference from
Some examples proposed by ETSI that can the previous approach lies only in the network
benefit from this approach are vBNG, vCPE, infrastructure, the same examples apply here.
vRouter, CG-NAT, software-based DPI, and The main idea is that the compute resources
mobile network nodes [12]. (e.g., the CG-NAT) must process all the data
traffic. The network infrastructure still only pro-
SDN-AWARE NFV ARCHITECTURE vides connectivity services, albeit more dynamic
Since the initial proposal of the NFV concept and programmable.
[12], its relationship with SDN was argued to be
complementary and potentially of added value SDN-ENABLED NFV ARCHITECTURE
when both technologies are combined. The sepa- This last step in the evolution of NFV toward a
ration of data forwarding from the control plane fully SDN-enabled architecture means a valu-
improves the flexibility of the network and sim- able advance in the way the VNFs are designed
plifies the dynamic deployment and operation of and implemented. As explained in the previous
resources. In addition, the usage of commodity section, the synergies between both technologies
servers and switches, avoiding specific hardware- advocate for deploying NFV over an SDN net-
based components provided by vendors, is a work infrastructure. Based on this programma-
shared objective between NFV and SDN. More- bility already in place, the proposal is to explore
over, some of the networking challenges of the the possibility of exploiting the network infra-
NFV architecture to be addressed match the structure layer to implement part of the VNF
design goals of SDN, such as dynamic control functionality. At this point, it must be highlight-
and configuration of network nodes and auto- ed that current SDN datapath implementations
mated management of the network. Others, like are mostly stateless, since there is no (or limit-
elastic and fine-grained scalability adapted to the ed) state associated with the flow entries. In
actual needs, seamless mobility of resources, and general, previously matched frames do not
efficient multi-tenancy support, can be built on affect subsequent frames, meaning that no state
SDN capabilities. is associated (e.g., a stateless firewall or load
Thus, even if the first ETSI architecture [2] balancer). However, some limited or lightweight
did not explicitly mention SDN as part of the state can be kept in the data path, such as flow-
NFVI, the ONF [4] quickly published the envi- level counters, timers for flow expiration, and
sioned scenario of cooperation between SDN queue-level counters for QoS support. As a con-
and NFV, which contributed to simplify the inte- sequence, the networking devices, which are
gration of both physical and virtual networking supposed to be optimized for data plane pro-
aware NFV, which offers the network the [9] G. Monteleone and P. Paglierani, “Session Border Controller
Virtualization towards Service-Defined Networks Based on
dynamicity to support new network-aware ser- NFV and SDN,” Proc. Int’l. Conf. IEEE SDN for Future Net- Several challenges
vice provisioning paradigms. works and Services ’13, Trento, Italy, 11–13 Nov.
In this article we propose a taxonomy of the [10] J. Batall et al., “On the Implementation of NFV over an
still need to be
evolution of the NFV/SDN relationship. In the OpenFlow infrastructure: Routing Function Virtualiza- addressed to fully
tion,” Proc. Int’l Conf. IEEE SDN for Future Networks
latest approach, the processing of network pack- and Services ’13, Trento, Italy, 11–13 Nov. attain the benefits of
ets is partially offloaded to the network element [11] E. Haleplidis et al., “ForCES Applicability to SDN-
(the SDN switch) while maintaining the stateful enhanced NFV,” Proc. Euro. Wksp. Software Defined this approach. But
processing of the VNF on the compute element. Networks, Budapest, Hungary, 2014.
[12] ETSI ISG for NFV, NFV White paper: “Network Func-
overall, we consider
This effectively means that the VNF logically tions Virtualisation, An Introduction, Benefits, Enablers,
extends to the networking element. that there are many
Challenges & Call for Action. Issue 1,” http://portal.etsi.
To demonstrate the validity of the concept, a org/NFV/NFV_White_Paper.pdf; accessed 15 Jan. 2015. reasons to believe
real implemented use case that shows the suitabil- [13] ETSI ISG for NFV, ETSI GS NFV-INF 001, “Network
Functions Virtualisation (NFV); Infrastructure Overview;” that an SDN-enabled
ity is presented: an access control virtualized net- http://www.etsi.org/deliver/etsi_gs/NFV-INF/
work function (FlowNAC VNF) using FlowNAC, 001_099/001/01.01.01_60/gs_nfv-inf001v010101p.pdf;
NFV will boost the
our own flow-based network access control. accessed 15 Jan. 2015. NFV deployment to
Several challenges still need to be addressed [14] J. Matias et al., “The EHU-OEF: An OpenFlow-Based Layer-
to fully attain the benefits of this approach. But 2 Experimental Facility,” Computer Networks, vol. 63, Spe- support new efficient
cial Issue on Future Internet Testbeds, 2013, pp. 101–27.
overall, we consider that there are many reasons [15] C. Rotsos et al., “OFLOPS: An Open Framework for and cost effective
to believe that SDN-enabled NFV will boost OpenFlow Switch Evaluation,” Proc. Passive and Active
services.
NFV deployment to support new efficient and Measurement, Vienna, Austria, 2012.
cost-effective services.
BIOGRAPHIES
ACKNOWLEDGMENTS JON MATIAS received his B.S. and M.S. degrees in telecom-
This research was partly funded by the Spanish munication engineering from the University of the Basque
Ministry of Economy and Competitiveness under Country (UPV/EHU) in 2003. He currently works as a
researcher at the Communications Engineering Department
the “Secure deployment of services over SDN of the same university and is pursuing a Ph.D. degree
and NFV based networks” project S&N-SEC focused on access networks and security. His research
TEC2013-47960-C4-3-P and by the European interests include software defined networking, network
Commission under the FP7 UNIFY (Unifying functions virtualization, broadband access networks, and
security.
Cloud and Carrier Networks) project CNECT-
ICT-619609. This has been produced within the JOKIN GARAY received his B.S. and M.S. degrees in telecom-
Training and Research Unit UFI11/16 supported munication engineering in 2003 from UPV/EHU. After a
by the UPV/EHU. period in the private sector, he came back to the university
to pursue a Ph.D.. His research interests include software
defined networking, network functions virtualisation, and
REFERENCES cloud computing.
[1] J. Matias et al., “FlowNAC: Flow-Based Network Access N EREA T OLEDO received her B.Sc. and M.Sc. degrees in
Control,” Proc. Euro. Wksp. Software Defined Net- telecommunications engineering in 2007 from UPV/EHU
works, Budapest, Hungary, 2014. and her Ph.D. degree from the same university in 2012.
[2] ETSI ISG for NFV, “ETSI GS NFV 002: Network Functions Since 2008 she has been an assistant professor at UPV/EHU
Virtualisation (NFV); Architectural Framework,” and as a researcher in the I2T lab (http://i2t.ehu.es). She
http://www.etsi.org/deliver/etsi_gs/NFV/001_099/002/01. has been a visiting researcher at Institut Telecom-Telecom
02.01_60/gs_NFV002v010201p.pdf; accessed 15 Jan- Bretagne. Her current research interests include SDN, wire-
uary 2015. less networking, and security.
[3] ETSI ISG for NFV, “NFV Proofs of Concept,”
http://www.etsi.org/technologies-clusters/technologies/ J UANJO U NZILLA holds B.S., M.S. (1990), and Ph.D. (1999)
nfv/nfv-poc; accessed 15 Jan. 2015. degrees in communications engineering, and is a professor
[4] ONF, “OpenFlow-Enabled SDN and Network Functions in the Communications Engineering Department at
Virtualization,” https://www.opennetworking.org/ UPV/EHU where he teaches subjects related to telecommu-
images/stories/downloads/sdn-resources/solution- nications networks and services. He is part of the I2T
briefs/sb-sdn-nvf-solution.pdf; accessed 15 Jan. 2015. Research Group, where he participates in several national
[5] E. Haleplidis et al., “Software-Defined Networking (SDN): and European R&D projects. His research interests include
Layers and Architecture Terminology,” RFC 7426, Jan. SDN and NFV, network security, and techno-economic
2015; http://tools.ietf.org/search/rfc7426; accessed 01 Feb. models for access networks. Other interests are models
2015. and metrics for knowledge transfer from universities to
[6] G. Xilouris et al., “T-NOVA: A Marketplace for Viortual- enterprises.
ized Network Functions,” Proc. Euro. Conf. Networks
and Commun., Bologna, Italy, 2014. EDUARDO JACOB [SM], after spending a few years in the pri-
[7] P. Skoldstrom et al., “Towards Unified Programmability vate sector, first as a network manager and an R&D project
of Cloud and Carrier Networks,” Proc. Euro. Wksp. leader later, came back to UPV/EHU. He is a professor and
Software Defined Networks, Budapest, Hungary, 2014. leads a research group at his university that is participating
[8] M. Schöller et al., “Resilient Deployment of Virtual Net- in several national and European R&D projects. Other inter-
work Functions,” Proc. Int’l. Congress on Ultra Modern ests are industrial applications of SDN and NFV for resilien-
Telecommunications and Control Systems and Wksps. cy, experimental network infrastructures, and cyber
’13, Almaty, Kazajistan, 10–13 Sept. physical systems.