In our previous series, we discussed OPNFV (Open Platform for Network Functions Virtualization), mainly covering related virtual architectures and the corresponding management of NFV organizations. This article will primarily focus on open-source solutions for assembling different virtual network functions.
A Virtual Network Function (VNF) can run on an NFV Infrastructure (NFVI) and be orchestrated by an NFV Orchestrator (NFVO) and VNF Manager. Besides well-defined functional behavior, a VNF is expected to provide interfaces to other network functions, the VNF Manager, the Element Management System (EMS), and the NFVI.
The range of network facilities potentially replaced by commercial software and server targets includes firewalls, VPN gateways, switches, and routers. Researchers even believe that almost any network function can be virtualized. NFV, in today’s market, focuses on switch components, network devices, network services, and applications. Typical network functions considered for NFV include switch components, carrier-grade NAT and routers, nodes of mobile networks (backhaul and access), functions at home/small office routers, traffic analysis devices, IP Multimedia Subsystem (IMS), application layer optimization functions, and security functions.
Virtual EPC and IP Multimedia System
3GPP is a standards organization that defines the standards for the network functions needed in mobile and converged networks. LTE evolved from the Global System for Mobile Communications (GSM) by way of the early 3GPP system known as UMTS.
The most commonly used architecture for today’s LTE mobile networks is known as the Evolved Packet Core (EPC), consisting of the UE, the Evolved Universal Terrestrial Radio Access Network (E-UTRAN), and the EPC core (LTE-ARCH = UE + EUTRAN + EPC). E-UTRAN includes base stations, known as eNodeBs (eNBs). EPC includes four network entities: the Serving Gateway (SGW), the PDN Gateway (PGW), and the Mobility Management Entity (MME) [X1]. Mobile networks comprise a wide variety of specialized hardware devices.
As NFV and SDN are introduced into the EPC, some of the components listed above are undergoing virtualization, with open APIs being introduced between virtualized components. In the table below, we start with the smallest EPC, adding more functions in subsequent rows. The last column shows the 3GPP architecture components for each function:
The IP Multimedia Subsystem (IMS) is an architectural framework for delivering IP multimedia services.
Currently, there is a significant number of open-source projects aimed at implementing various components of the EPC architecture. Some software is listed in the following table. However, it is important to understand that no single software solution can implement a complete EPC. To achieve this, different software must collaborate, and so-called “glue” must be invented to allow these programs to work together and fulfill the function of EPC.
Virtual Switching and Routing
The two most crucial network functions are routing and switching functions. The goal of NFV is to support various standard protocols, such as BGP & OSPF when running on commercial hardware or virtual machines. Below, we introduce some popular open-source software used to implement switching and routing functions.
Switching:
Linux Bridge: This is a software-based switch using the IEEE 802.1D protocol, which comes with Linux distributions as a kernel module. It includes FDB (Forwarding Database), STP (Spanning Tree Protocol), promiscuous mode to receive all data packets, filtering, and traffic shaping support, making it more powerful than bridge functions implemented in hardware.
Open vSwitch (OVS): OVS is perhaps the most popular and widely used software-based switch. It supports OpenFlow and can function as a generic switch. It includes various functionalities such as VLAN tagging, VXLAN, GRE, bonding, flow-based forwarding, user space control plane, and more.
Lagopus: This is another software switch compatible with OpenFlow 1.3. Like OVS, it is also well-matched with Intel DPDK. They plan to integrate other control plane solutions such as Quagga and GoBGP into their roadmap, which I believe will be greatly beneficial for various open user solutions.
Vale/Netmap: Similar to Linux Bridge and OVS, Vale connects physical or virtual network interfaces. However, compared to other software switches, it has higher performance (high throughput and low CPU usage) and scalability. Better performance is achieved through Netmap’s API, and Vale is provided as part of the Netmap distribution.
Routing:
Quagga: Quagga is a collection of multiple small daemon processes, each with a specific task, such as running a routing protocol like OSPF or BGP. The Zebra daemon interacts with the kernel and provides a simple API (called Zserv) for other daemons to use, so they do not need to directly call the kernel. Other daemons run their respective protocols. Users can configure Quagga so that all these daemons view their configuration files from a single location or configure each daemon individually.
BIRD: BIRD is a project developed by professors at the Faculty of Mathematics and Physics, Charles University in Prague. It is currently being developed and supported by CZ.NIC Laboratories. The BIRD project aims to develop a full-featured dynamic IP routing program, primarily (but not exclusively) for Linux, FreeBSD, and other UNIX-like systems released under the GNU General Public License. It supports both IPv4 and IPv6 (requires --enable-ipv6 at configure time), multiple routing tables, BGP, RIP, OSPF, static routes, and IPv6 router advertisements, among others.
VyOS: VyOS is a Linux-based network operating system providing software-based routing functionalities, including routing protocols such as OSPF and BGP, an integrated firewall, and VPN support. VyOS is essentially a fork of Vyatta (acquired by Brocade Communications).
Virtual Commercial Network Elements (PE Devices)
Researchers argue that while virtualizing core routers is not feasible, at least in the near future, because of their high performance (throughput) demands, virtualizing backbone edge (PE) routers might be a more feasible option.
When virtualized, services such as L3 IP VPN (where each PE device functions as a set of virtual routers), L2 VPN, EVPN and pseudowires exhibit flexibility and scalability, which would be a major benefit to vendors. Many vendors are considering achieving such virtualization by running functions such as the PE in the cloud.
Much like PE routers, Broadband Remote Access Servers (B-RAS) are nodes in vendor networks aggregating various Internet traffic sources such as DSL, cable networks, wireless broadband networks, and Ethernet into a single network interface emanating from DSLAM devices. It can be a simple router forwarding packets from the core to clients (and vice versa) or a complex router facilitating virtualized functionalities such as IP policies, QoS, packet manipulation, rate limiters, etc., through each user. Virtualizing the B-RAS functionality proves beneficial in terms of cost and flexibility/scalability for network service providers.
Open-source PE Devices
Most previously mentioned open-source software for routing, like Quagga, VyOS, and BIRD, can implement many PE functionalities. Software like IPtables (netfilter) and Radius-server (freeRADIUS) are part of standard Linux distributions and can be used for virtual firewall and virtual AAA, respectively. Software like Snort is used in some NFV application deployments for virtual intrusion detection systems (virtual IDS).
Additionally, other software like MPLS-Linux and xl2tp-daemon can also be used for virtualizing PE functionality. Recently, AT&T and Ericsson jointly proposed an SDN-based L3VPN through the OpenDaylight controller.
Virtual CPE
Customer Premises Equipment (CPE) refers to network terminal equipment typically located at the business or residential broadband user’s end and used to interface with the telecommunications service provider’s network. Typically, service providers source the customer premises equipment from different hardware manufacturers and configure and manage it for enterprise and residential users.
Without virtualized CPE, adding any new technology, implementing new services, or upgrading security, privacy, and metering capabilities might significantly increase the costs for service providers.
With virtual CPE, most of the CPE functionalities are moved out of the client premises into the service provider’s network (possibly in their data center). This results in a “simplified” CPE that acts as a simple Layer-2 forwarding device connecting to the service provider’s network. Typically, services like DHCP, firewall, NAT, routing, VPN, etc., are provided as virtual network functions (VNFs) running as virtual machine (VM) instances in the service provider’s data center.
Open-source vCPE:
Network services such as DHCP, firewall, NAT, and DNS (vDHCP, vFW, vNAT, vDNS) can be implemented using open-source solutions, and many are distributed as part of standard Linux distributions. For example, DNS and DHCP can be deployed using dnsmasq. However, there hasn’t been an independent open-source project dedicated to NFV and building virtual customer premises equipment, such as customer routers, virtual set-top boxes, and virtual home routers.
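As an added illustration (not from the original article or from the dnsmasq project), a dnsmasq configuration for a per-subscriber vDHCP/vDNS instance of the kind described above, restricted so that it only serves its own subscriber segment. The interface name sub100, the 192.168.100.0/24 subscriber subnet and the 192.0.2.53 upstream resolver are assumptions chosen for the example.

```conf
# Constructed example: dnsmasq as the vDHCP/vDNS function for one subscriber.
# "sub100" is a hypothetical interface carrying that subscriber's L2 segment
# from the simplified on-premises CPE into the provider's data center.

# Serve only the subscriber-facing interface and bind to it explicitly, so the
# VNF does not answer DNS or DHCP on management or provider-side interfaces.
interface=sub100
bind-interfaces
except-interface=lo

# DNS: ignore /etc/resolv.conf and forward only to the operator's resolver.
# 192.0.2.53 is a documentation address standing in for that resolver.
no-resolv
server=192.0.2.53
# Never forward unqualified names upstream.
domain-needed
# Never forward reverse lookups for private address ranges upstream.
bogus-priv
# Discard upstream answers that resolve into private ranges (DNS rebinding).
stop-dns-rebind
cache-size=1000

# DHCP: one pool for the subscriber LAN (assumed 192.168.100.0/24), with the
# vCPE instance itself (assumed 192.168.100.1) as gateway and resolver.
dhcp-range=192.168.100.50,192.168.100.150,255.255.255.0,12h
dhcp-option=option:router,192.168.100.1
dhcp-option=option:dns-server,192.168.100.1
dhcp-authoritative
# Cap the number of leases at the pool size (addresses .50 through .150).
dhcp-lease-max=101

# Log every DHCP transaction so lease activity can be audited per subscriber.
log-dhcp
```

Running one such instance per subscriber interface keeps each customer's leases and DNS cache separate inside the shared data-center host.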
Virtual Access Network Elements
Functions residing in “remote” DSL nodes within a hybrid fiber, such as FTTcab and FTTdp, generally located on the street or building access networks, are gradually becoming hotspots for virtualization. For economic reasons, these nodes should be as compact as possible, with very low power consumption and very low maintenance costs. Simplifying these remote nodes by virtualizing certain functions such as OLT, DSLAM, ONU, ONT, MDU, and DPU, and offloading complex operations to the virtualized environment, are seen as economically feasible. While no open-source software currently implements these functionalities for virtualization, some major telecom operators like AT&T are moving towards the virtualization of these functionalities, with the hope that they might open-source them in the near future. Hopefully, that wish may soon become a reality!