Deployment Of Virtual Network Functions Research Articles

Virtual Network Function Deployment and Service Automation to Provide End-to-End Quantum Encryption

The nature of network services has drastically changed in recent years. New demands require new capabilities, forcing the infrastructure to dynamically adapt to new scenarios. Novel network paradigms, such as softwaredefined networking (SDN) and network functions virtualization, have appeared to provide flexibility for network management and services. The reliance on software and commoditized hardware of these new paradigms introduces new security threats and, consequently, one of the most desired capabilities is a strengthened security layer when connecting remote premises. On the other hand, traditional cryptographic protocols are based on computational complexity assumptions. They rely on certain mathematical problems (e.g., integer factorization, discrete logarithms, or elliptic curves) that cannot be efficiently solved using conventional computing. This general assumption is being revisited because of quantum computing. The creation of a quantum computer would put these protocols at risk and force a general overhaul of network security. Quantum key distribution (QKD) is a novel technique for providing synchronized sources of symmetric keys between two separated domains. Its security is based on the fundamental laws of quantum physics, which makes it impossible to copy the quantum states exchanged between both endpoints. Therefore, if implemented properly, QKD generates highly secure keys, immune to any algorithmic cryptanalysis. This work proposes a node design to provide QKD-enhanced security in end-to-end services and analyze the control plane requirements for service provisioning in transport networks. We define and demonstrate the necessary workflows and protocol extensions in different SDN scenarios, integrating the proposed solution into a virtual router providing QKD-enhanced IPsec sessions.

Low-latency orchestration for workflow-oriented service function chain in edge computing

To realize a cost-efficient, affordable, economical, flexible, elastic and innovative network service, the concepts of Network Function Virtualization (NFV) and Software-Defined Network (SDN) have emerged in edge computing. In the case of NFV deployment, most research regards the deployment of Service Function Chaining (SFC), which is composed of several series-connected Virtual Network Functions (VNFs). Current NFV deployment approaches concern how to efficiently deploy the chaining service requests. They do not consider the possible form of the service requests in edge computing. Furthermore, the study regarding response latency in NFV is limited to the chaining service requests. Most studies consider the deployment of several VNFs in one SFC onto the same substrate node to reduce the total latency and resource consumptions. In this paper, we first propose a novel workflow-like service request (WFR), which is completely different from the chaining service request. Then, a Dynamic Minimum Response Time considering Same Level (DMRT_SL) has been proposed to efficiently map the workflow-like requests in edge computing. We use a randomly generated topology as our underlying network. It can be seen from the data obtained from a large number of simulation experiments that DMRT_SL not only is particularly outstanding in terms of response time delay but that blocking rate and deploy time behavior are also particularly surprising.

Performance evaluation of revised virtual resources allocation scheme in network function virtualization (NFV) networks

The design, management, and operation of network infrastructure have evolved during the last few years, leveraging on innovative technologies and architectures. With such a huge trend, due to the flexibility and significant economic potential of these technologies, software-defined networking (SDN) and network functions virtualization (NFV) are emerging as the most indispensable key catalysers. SDN/NFV enhancing the infrastructure agility, thus network operators and service providers are able to program their own network functions (e.g., gateways, routers, load balancers) on vendor-independent hardware substrate. One of the most important considerations in NFV deployment is how to allocate the virtual resources that are needed to provide flexible virtual network services in an NFV-based network infrastructure. Thus, the most important prerequisite for NFV deployment is achieved fast, scalable and dynamic composition and allocation of networks functions (NFs) to implement network services (NSs). We have proposed a revised RA algorithm that integrates embedding and scheduling of virtual network functions (VNFs) simultaneously. In this paper, performance evaluation of the revised RA algorithm is performed and the proposed algorithm is applied more effectively in NFV environment where the demand for resources is flexible and concentrated.

Constructing Service Function Chain Test Database: An Optimal Modeling Approach for Coordinated Resource Allocation

Network function virtualization (NFV) has become an emerging issue in both academia and industry. By outsourcing network functions from dedicated hardware to virtualization platform, NFV promises to significantly improve the scalability and flexibility of network management and orchestration. One of the main challenges for NFV deployment is to realize coordinated service function chaining on NFV-based infrastructures. This challenge is referred to as the coordinated NFV resource allocation (coordinated NFV-RA) problem which is proved to be NP-hard. In order to response timely to the service variation, many heuristic or meta-heuristic algorithms are proposed to reduce the computing complexity. However, it is very difficult to evaluate the approach degree between obtained sub-optimal solutions and the optima, since finding the optimal solution is a non-trivial task. In this paper, a novel modeling approach called homogeneous link mapping is proposed to find the optimal solutions of a typical three-stage coordinated NFV-RA model with CPLEX. Then we further establish a service function chain (SFC) deployment database with optimal solutions and the results in the database can be used as a criterion to evaluate other SFC algorithms. In order to imitate different practical networks, the SFC deployments are conducted on three type network topologies. And we also analyze the SFC deploying performance on different topologies. At Last, we make the optimal modeling approach open source, and upload the database on http://www.opensource5g.org/database .

An efficient data exchange mechanism for chained network functions

Thanks to the increasing success of virtualization technologies and processing capabilities of computing devices, the deployment of virtual network functions is evolving towards a unified approach aiming at concentrating a huge amount of such functions within a limited number of commodity servers. To keep pace with this trend, a key issue to address is the definition of a secure and efficient way to move data between the different virtualized environments hosting the functions and a centralized component that builds the function chains within a single server. This paper proposes an efficient algorithm that realizes this vision and that, by exploiting the peculiarities of this application domain, is more efficient than classical solutions. The algorithm that manages the data exchanges is validated by performing a formal verification of its main safety and security properties, and an extensive functional and performance evaluation is presented.

On the Placement of VNF Managers in Large-Scale and Distributed NFV Systems

The European Telecommunications Standards Institute management and orchestration framework is designed to enable automated management of the network services and their corresponding virtualized network functions (VNFs). In that context, the network function virtualization (NFV) orchestrator (NFVO) manages the lifecycle of the network services and coordinates with the VNF managers (VNFMs) which manage the VNFs lifecycle. In large-scale and distributed NFV deployments, these management functions face critical challenges such as delays, and variations in VNFs workload. Placing NFVO and VNFM in a large-scale distributed NFV deployment is therefore a very challenging problem due to the potential negative impact on performance and operational cost. However, to the best of our knowledge, the problem has not yet been addressed in the literature. This paper is a first step toward a solution to the overall problem. It focuses on the VNFM placement and aims at minimizing the operational cost without violating the performance requirements. We call this the VNFM placement problem (MPP). We provide an integer linear programming formulation and propose a tabu search algorithm to solve larger instances of the MPP. We evaluate our algorithm in a real-world large-scale scenario. The results show that it leads to significant reductions in the operational cost of large-scale distributed NFV deployments.

Evaluation of Forwarding Efficiency in NFV-Nodes Toward Predictable Service Chain Performance

The concept of network functions virtualization (NFV) has been embodied in commercial networks over the past years. Software-based virtual network functions have forwarding performance concerns in general, and various acceleration technologies have been developed so far, such as DPDK and vhost-user. Existence of several alternatives requires network engineers or operators to select appropriate technologies; however, no pragmatic criterion exists for constructing high-performance NFV-nodes. From their points of view, a lack of common benchmark and understanding of performance characteristics makes it difficult to predict hop-by-hop performance in a service chain, which results in prevention of NFV deployment in mission-critical networks. In this paper, we clarify performance characteristics of packet forwarding in NFV nodes focusing on three types of acceleration technologies; packet I/O architecture, virtual network I/O, and forwarding engine in a practical stage. We examined three packet I/O architectures (NAPI, netmap, and DPDK), three virtual I/O mechanisms (vhost-net, vhost-user, and SR-IOV), and four practical forwarding programs (Open vSwitch, OVS-DPDK, xDPd-DPDK, and Lagopus) with three referential programs (Linux Bridge, VALE, and L2FWD-DPDK). The experiment was conducted on a 40 GbE environment and we examined two device-under-test machines having different CPU performance. We argue performance characteristics of each technology and give quantitative analyses of the result. The key findings are: 1) CPU core speed has impact on both throughput and latency/jitter; 2) DPDK can allow performance prediction; 3) vhost-user is appropriate for real environment; and 4) OVS-DPDK provides a good combination of performance and functionality.

Fault and performance management in multi-cloud based NFV using shallow and deep predictive structures

Deployment of network function virtualization (NFV) over multiple clouds accentuates its advantages such as flexibility of virtualization, proximity to customers and lower total cost of operation. However, NFV over multiple clouds has not yet attained the level of performance to be a viable replacement for traditional networks. One of the reasons is the absence of a standard based fault, configuration, accounting, performance and security (FCAPS) framework for the virtual network services. In NFV, faults and performance issues can have complex geneses within virtual resources as well as virtual networks and cannot be effectively handled by traditional rule-based systems. To tackle the above problem, we propose a fault detection and localization model based on a combination of shallow and deep learning structures. Relatively simpler detection has been effectively shown to be handled by shallow machine learning structures such as support vector machine (SVM). Deeper structure, i.e., the stacked autoencoder has been found to be useful for a more complex localization function where a large amount of information needs to be worked through to get to the root cause of the problem. We provide evaluation results using a dataset adapted from fault datasets available on Kaggle and another based on multivariate kernel density estimation and Markov sampling.

Dynamic Scaling of Virtualized, Distributed Service Chains: A Case Study of IMS

The emerging paradigm of network function virtualization advocates deploying virtualized network functions (VNF) on standard virtualization platforms for significant cost reduction and management flexibility. There have been system designs for managing dynamic deployment and scaling of VNF service chains within one cloud data center. Many real-world network services involve geo-distributed service chains, with prominent examples of mobile core networks and IMSs (IP Multimedia Subsystems). Virtualizing these service chains requires efficient coordination of VNF deployment across different geo-distributed data centers over time, calling for new management system design. This paper designs a dynamic scaling system for geo-distributed VNF service chains, using the case of an IMS. IMSs are widely used subsystems for delivering multimedia services among mobile users in a 3G/4G network, whose virtualization has been broadly advocated in the industry for reducing cost, improving network usage efficiency and enabling dynamic network topology reconfiguration for performance optimization. Our scaling system design caters to key control-plane and data-plane service chains in an IMS, combining proactive and reactive approaches for timely, cost-effective scaling of the service chains. We evaluate our system design using real-world experiments on both emulated platforms and geo-distributed clouds.

Models and algorithm of optimization launch and deployment of virtual network functions in the virtual data center

The goal of our investigation is optimization of network work in virtual data center. The advantage of modern infrastructure virtualization lies in the possibility to use software-defined networks. However, the existing optimization of algorithmic solutions does not take into account specific features working with multiple classes of virtual network functions. The current paper describes models characterizing the basic structures of object of virtual data center. They including: a level distribution model of software-defined infrastructure virtual data center, a generalized model of a virtual network function, a neural network model of the identification of virtual network functions. We also developed an efficient algorithm for the optimization technology of containerization of virtual network functions in virtual data center. We propose an efficient algorithm for placing virtual network functions. In our investigation we also generalize the well renowned heuristic and deterministic algorithms of Karmakar-Karp.

Virtual Network Functions Deployment between Business Expectations and Technical Challenges: The T-NOVA Approach

Background: This paper belongs to the series of research documents describing the progress in the specification and development of the T-NOVA framework offering a marketplace for virtual network functions. T-NOVA is an international research project co-funded by the European Commission. Objective: Although, the idea of having a marketplace enabling buying, composing, and deploying “virtual” services on the fly is promising, its implementation or prototyping remains far from realization. This is mainly due to the limitations in the existing cloud computing platforms on top of which the services should be built. Method: In this paper, we discuss the T-NOVA approach and in particular some of the Virtual Network Functions (VNFs) that have been developed in this context. Special attention is paid to the design and specification of the VNFs as well as the related technical challenges that were faced when deployed within the marketplace. Results: Real-world considerations for handling VNF Lifecycles, Monitoring and Networking have also been discussed. We have highlighted two examples of Service Chaining where several VNFs are combined through the T-NOVA Marketplace to create added-value services. Some experiments and test results are also provided. Conclusion: In this paper, we have provided an overview on the T-NOVA Platform with a special focus on the deployment and performances of a wide variety of Virtual Network Functions implemented during the project. It is expected that the challenges and opportunities described in this paper will help foster innovation around NFV and will help pave the way for practitioners and researchers alike to further extend the use of Network Function virtualization in the future.

SNF: synthesizing high performance NFV service chains

In this paper we introduce SNF, a framework that synthesizes (S) network function (NF) service chains by eliminating redundant I/O and repeated elements, while consolidating stateful cross layer packet operations across the chain. SNF uses graph composition and set theory to determine traffic classes handled by a service chain composed of multiple elements. It then synthesizes each traffic class using a minimal set of new elements that apply single-read-single-write and early-discard operations. Our SNF prototype takes a baseline state of the art network functions virtualization (NFV) framework to the level of performance required for practical NFV service deployments. Software-based SNF realizes long (up to 10 NFs) and stateful service chains that achieve line-rate 40 Gbps throughput (up to 8.5x greater than the baseline NFV framework). Hardware-assisted SNF, using a commodity OpenFlow switch, shows that our approach scales at 40 Gbps for Internet Service Provider-level NFV deployments.

Guest Editors’ Introduction: Special Issue on Management of Softwarized Networks

There is currently a strong interest in both industry and academia in the softwarization of telecommunication networks and cloud computing infrastructures. This evolution is enabled by three paradigms. First, Software-Defined Networking (SDN) allows network control to be separated from the forwarding plane and allows for a flexible management of the network resources. Second, Network Virtualization (NV) brings virtualization concepts to the network, similar to cloud computing, which was enabled by virtualization of servers. Third, Network Function Virtualization (NFV) focuses on virtualization of software-based network functions. Instead of installing and managing dedicated hardware devices for these functions, they are implemented as software components and deployed on commodity hardware infrastructures, in most cases operated by a network operator or cloud infrastructure provider. Service Function Chaining (SFC) consists of building services using virtual network functions (VNFs). These three paradigms are synergetic and reinforce each other when used together. Several initial SDN, NV and NFV deployments are already operational in providers’ networks.

Resource Allocation in NFV: A Comprehensive Survey

Network functions virtualization (NFV) is a new network architecture framework where network function that traditionally used dedicated hardware (middleboxes or network appliances) are now implemented in software that runs on top of general purpose hardware such as high volume server. NFV emerges as an initiative from the industry (network operators, carriers, and manufacturers) in order to increase the deployment flexibility and integration of new network services with increased agility within operator’s networks and to obtain significant reductions in operating expenditures and capital expenditures. NFV promotes virtualizing network functions such as transcoders, firewalls, and load balancers, among others, which were carried out by specialized hardware devices and migrating them to software-based appliances. One of the main challenges for the deployment of NFV is the resource allocation of demanded network services in NFV-based network infrastructures. This challenge has been called the NFV resource allocation (NFV-RA) problem. This paper presents a comprehensive state of the art of NFV-RA by introducing a novel classification of the main approaches that pose solutions to solve it. This paper also presents the research challenges that are still subject of future investigation in the NFV-RA realm.

Cost analysis of initial deployment strategies for virtualized mobile core network functions

A virtualized network infrastructure is composed of multiple virtualized network functions (VNF) interconnected by well defined interfaces, and thus forming a VNF-graph. The initial deployment of such a VNF-graph inside a data center (DC) is a complex task with multidimensional aspects compared to deploying a single VNF that may represent a single network function. The problem space becomes more complex when each VNF is further decomposed into multiple VNF components (VNFC), where each VNFC embodies a subset of network functions attributed to the respective VNF. The challenge is to ensure that the deployment strategy meets the intra-functional constraints between the multiple VNFCs constituting the VNF-graph while ensuring service, performance and operational integrity, and also ensures optimal utilization of the underlying resources of the DC infrastructure (DCI). In this article we analyze the cost incurred by two “constraint-based heuristically applied” initial VNF/VNFC deployment strategies with reference to a virtualized mobile network infrastructure providing EPCaaS (evolved packet core as a service) while taking into consideration functional and administrative constraints. The cost of deployment is measured in terms of the utilization of DC infrastructure resources such as compute and networking. We also present the discussion in view of the ETSI NFV MANO framework, undergoing standardization, that is responsible for management and orchestration of NFV systems including VNF deployment.

Virtualization of residential customer premise equipment. Lessons learned in Brazil vCPE trial

Abstract This paper presents Telefónica approach for virtualizing residential customer premises equipment (vCPE), showing how the equipment at a customer's home can be simplified and how the management of resources and services improves as a result. This use case of virtualization enables the operator to shift most functions from the residential gateways towards the carrier own network, by running them on general-purpose servers at the operator premises. This makes it possible that network functions such as IP routing, IP address management (DHCP), address translation (NAT), firewall, Set Top Box functionalities (live TV, VoD, etc.), etc. are maintained and upgraded from the most efficient location. Because of the expected high impact onto the economics of the Telco network operations, the virtualization of the CPE is considered by the authors as one promising use case of Network Virtualization technologies. The virtual CPE approach is being tested in Brazil (where Telefónica operates under the Vivo brand), and represents a great opportunity for learning lessons on development and deployment of Virtual Network Functions (VNFs). Some of them are summarized in this paper.