Exploring Network Functions Virtualization: Key Technologies, Open Source Solutions, and Future Trends

This article is published as part of SDNLAB community’s translator program. SDNLAB will engage in long-term content collaboration with quality foreign media and individuals to bring more high-quality technical articles. This is the third article in the series <>.

Translated by: Andy Yu, currently serving as a PM at a network equipment supplier in the Bay Area, with previous roles at AMD, Dell, and others over many years.

In the previous article in this series, we discussed OPNFV (Open Platform for NFV), mainly covering the virtualization infrastructure and the management and orchestration that support NFV (Network Functions Virtualization). This article primarily introduces open-source solutions for building the different virtual network functions.

A Virtual Network Function (VNF) can operate on an NFV Infrastructure (NFVI) and be orchestrated by an NFV Orchestrator (NFVO) and VNF Manager. Beyond its well-defined functional behavior, a VNF is expected to provide interfaces to other network functions, VNF Manager, EMS, and NFVI.

The network appliances that commercial software and servers can target include firewalls, VPN gateways, switches, and routers. Researchers even believe that almost any network function can be virtualized. In today’s market, NFV focuses on switch elements, network devices, network services, and applications. Typical network functions for NFV are considered to be switch elements, carrier-grade NAT, and routers; nodes in mobile networks (backhaul and access); home/small office router functions; traffic analysis equipment; IP Multimedia Subsystem (IMS); application layer optimization functions; and security functions.

Virtual EPC and IP Multimedia System

3GPP is the standards organization that defines the network architecture and specifications for mobile and converged network functions. LTE evolved from the earlier 3GPP system known as UMTS, which in turn developed from the Global System for Mobile Communications (GSM).

The architecture most frequently used for today’s LTE mobile networks is known as the Evolved Packet Core (EPC), which consists of the UE, Evolved Universal Terrestrial Radio Access Network (E-UTRAN), and EPC core (LTE-ARCH = UE + EUTRAN + EPC). The E-UTRAN includes base stations known as eNodeB (eNBs). The EPC includes four network units, namely the Serving Gateway (SGW), PDN Gateway (PGW), and Mobility Management Entity (MME). Mobile networks are composed of numerous specialized hardware devices.

With the introduction of NFV and SDN in the EPC, some of the components listed above are becoming virtualized. Open APIs are also being introduced among virtualized components. In the table below, we start with the minimal EPC and add more features in successive rows. The last column shows the 3GPP architecture components for each feature:


The IP Multimedia Subsystem (IMS) is an architecture framework for delivering IP multimedia services.


There are currently a substantial number of open source projects that implement various components of the EPC architecture. Some software is listed in the table below. However, it is crucial to understand that no single software solution can implement the complete EPC. To achieve this goal, different software must cooperate, and so-called “glue” must be invented to allow these programs to jointly implement the functions of the EPC.

Virtual Switching and Routing

The two most important network functions are routing and switching functions. NFV aims to support various standard protocols, such as BGP & OSPF, by running on commercial hardware or virtual machines. Below, we introduce some popular open-source software for implementing switching and routing functions.

Switching:

Linux Bridge: This is a software-based switch using the IEEE 802.1D protocol, bundled with Linux distributions as a kernel module. It includes an FDB (forwarding database), STP (Spanning Tree Protocol), promiscuous mode for receiving all packets, and support for packet filtering and traffic shaping, making it more powerful than hardware-implemented bridging functions.

Open vSwitch (OVS): OVS is probably the most popular and widely used software-based switch today. It supports OpenFlow and can function as a general switch. It includes features such as VLAN tagging, VXLAN, GRE, bonding, flow-based forwarding, user space control plane, etc.

Lagopus: Another software switch, compatible with OpenFlow 1.3. Like OVS, it works well with Intel DPDK. Its roadmap includes integration with other control plane software such as Quagga and GoBGP, which I believe will benefit various open user solutions.

Vale/Netmap: Like Linux Bridge and OVS, Vale connects physical or virtual network interfaces. However, compared to other software switches, it offers higher performance (high throughput and low CPU usage) and scalability. Its superior performance is achieved through the Netmap API; in fact, Vale is provided as part of the Netmap distribution.

Routing:

Quagga: Quagga is a suite of many small daemons (background processes), each with a specific task, such as running a routing protocol like OSPF or BGP. The Zebra daemon interacts with the kernel and provides a simple API (known as Zserv) to the other daemons, so they need not call the kernel directly. The other daemons run their respective protocols. Users can configure Quagga so that all these daemons read their configuration from the same location, or configure each daemon individually.

BIRD: BIRD is a project developed by professors from the Faculty of Mathematics and Physics at Charles University, Prague. It is currently developed and supported by CZ.NIC Labs. The BIRD project aims to develop a fully functional dynamic IP routing program, primarily but not exclusively for Linux, FreeBSD, and other Unix-like systems, released under the GNU General Public License. It supports both IPv4 and IPv6 (the latter must be enabled at build time with --enable-ipv6), multiple routing tables, BGP, RIP, OSPF, static routes, IPv6 router advertisements, etc.

VyOS: VyOS is a Linux-based network operating system offering software-based routing functions, including routing protocols such as OSPF and BGP, an integrated firewall, and VPN support. VyOS is essentially a fork of Vyatta, which was acquired by Brocade Communications.

Virtual Commercial Network Elements (Personal Network Devices)

Researchers believe that while the virtualization of core routers may be unfeasible, at least in the near future, due to high performance (throughput) demands, the virtualization of provider edge (PE) routers will be a more feasible option.

Virtual private network services, such as IP L3 VPN (where each PE device acts like a set of virtual routers), L2 VPN, EVPN, and pseudowires, show flexibility and scalability when virtualized. This is a main advantage for vendors, many of whom are contemplating virtualized implementations in the cloud for functions such as PE.

Similar to PE routers, Broadband Remote Access Servers (B-RAS) aggregate traffic from various Internet access sources, such as DSL, cable, wireless broadband, and Ethernet, arriving from DSLAM equipment onto a single network interface. A B-RAS can be as simple as a router forwarding packets from core to clients (and vice versa) or a sophisticated router applying IP policies, QoS, packet manipulation, metering, etc., per user. Virtualization of B-RAS functions has been shown to be beneficial for network service providers, both in terms of cost and flexibility/scalability.

Open Source Personal Network Devices

Most of the open-source routing software mentioned earlier, such as Quagga, VyOS, and BIRD, can be used to realize many PE functions. Tools like iptables (netfilter) and a RADIUS server (FreeRADIUS) are part of standard Linux distributions and can be used for the virtual firewall and virtual AAA, respectively. Software like Snort is used in some NFV deployments as a virtual intrusion detection system (virtual IDS).

Furthermore, other software like MPLS-Linux and xl2tpd can be utilized for PE’s virtual functions. Recently, AT&T and Ericsson, through the OpenDaylight controller, proposed an SDN-based L3VPN.

Virtual CPE

Customer Premises Equipment, or CPE, refers to network terminal equipment located at the business or residential broadband user's end that connects to telecommunication service providers. Generally, service providers configure and manage CPE for enterprise and residential users across various hardware from different manufacturers.

If not using a virtualized CPE, introducing any new technology, adding new services, or upgrading security, confidentiality, and metering functions could significantly increase the service provider’s cost.

With virtual CPE, most CPE functions are offloaded from the client and migrated into the service provider’s network (possibly in their data center). This creates a ‘simplified’ CPE, which acts as a simple Layer-2 forwarding device to connect to the service provider’s network. Generally, services like DHCP, firewall, NAT, routing, and VPN are provided as Virtual Network Functions (VNFs) running as Virtual Machines (VMs) in the service provider’s data center.

Open Source vCPE:

Network services such as DHCP, firewall, NAT, and DNS (vDHCP, vFW, vNAT, vDNS) can be achieved through open source implementations and can be part of many standard Linux distributions. For example, DNS and DHCP can be deployed using dnsmasq, and iptables can be used to implement NAT and the firewall. However, there are not yet any independent, NFV-oriented open source projects dedicated to building virtual customer premises equipment such as customer routers, virtual set-top boxes, and virtual home routers.
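The dnsmasq and iptables combination described above, sketched for a single subscriber's vCPE VNF. This is an added example, not code from the original article: it only renders the configuration text and audits it, and the interface names, address ranges, and function names are constructed assumptions.

```shell
#!/bin/sh
# Added example: render per-subscriber vCPE configs. Nothing is applied.
# All interface names and addresses are constructed sample values.

# iptables-restore ruleset: default-deny firewall plus source NAT.
render_vcpe_rules() {  # args: wan_if lan_if lan_cidr
  cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $2 -p udp -m multiport --dports 53,67 -j ACCEPT
-A INPUT -i $2 -p tcp --dport 53 -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $2 -o $1 -s $3 -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $3 -o $1 -j MASQUERADE
COMMIT
EOF
}

# dnsmasq config: DHCP and DNS offered on the subscriber-facing side only.
render_vcpe_dnsmasq() {  # args: lan_if range_start range_end upstream_dns
  cat <<EOF
interface=$1
bind-interfaces
dhcp-range=$2,$3,12h
no-resolv
server=$4
domain-needed
bogus-priv
EOF
}

# Audit: succeed only if INPUT and FORWARD default to DROP and no ACCEPT
# rule takes new traffic arriving on the WAN interface.
audit_vcpe_rules() {  # args: ruleset_text wan_if
  printf '%s\n' "$1" | grep -q '^:INPUT DROP' || return 1
  printf '%s\n' "$1" | grep -q '^:FORWARD DROP' || return 1
  ! printf '%s\n' "$1" | grep -Eq -- "^-A (INPUT|FORWARD) .*-i $2 .*-j ACCEPT"
}

RULES=$(render_vcpe_rules eth0 eth1 192.168.10.0/24)
printf '%s\n' "$RULES"
render_vcpe_dnsmasq eth1 192.168.10.50 192.168.10.150 192.0.2.53
audit_vcpe_rules "$RULES" eth0 && echo "audit: default-deny OK"
```

On a real VNF image, the rendered ruleset can be parsed without being committed by piping it to iptables-restore --test.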

Virtualized Access Network Elements

DSL ‘remote’ nodes in hybrid fiber deployments such as FTTcab and FTTdp, located in street or building access networks, are increasingly becoming virtualization hotspots. Economically, these nodes should remain highly compact, with extremely low power consumption and maintenance costs. These remote nodes can be simplified by virtualizing functions like OLT, DSLAM, ONU, ONT, MDU, and DPU, pushing the complexity into a virtual environment for economic viability. Although no open-source software is available so far for these virtualized network functions, major telecommunications operators like AT&T are working towards virtualizing them. We hope they will open-source it, and that this wish becomes a reality soon!
