Internet Technologies of the New Generation

Research in the area of computer networks and internet technologies in Russia, and development of breakthrough computer network technologies of the new generation

SDN & NFV

In the field of information technology (IT), approaches to building networks are changing based on the convergence of two technologies: SDN (Software-Defined Networking) and NFV (Network Function Virtualization). This convergence is possible because software management is penetrating deeper into service implementation and because virtualization has matured. The idea is to increase the value of software in a network while simplifying the hardware as much as possible.

Software Defined Networking

SDN – or Software Defined Networking – means the physical separation of the network control plane from the forwarding plane, where the control plane controls several network devices. SDN is a new dynamic, manageable, cost-effective, and adaptable architecture, suited to the high-bandwidth, dynamic nature of today's applications.

The SDN architecture is:

  • Directly programmable: Network control is decoupled from forwarding functions and therefore directly programmable.
  • Agile: Abstracting control from forwarding lets network administrators dynamically adjust network-wide traffic flow to meet changing needs.
  • Centrally managed: Network intelligence is (logically) centralized in software-based SDN controllers that maintain a global view of the network, which appears to applications and policy engines as a single, logical switch.
  • Programmatically configured: SDN lets network managers configure, manage, secure, and optimize network resources very quickly with the help of dynamic, automated SDN programs that they can write themselves because these programs do not depend on any proprietary software.
  • Open standards-based and vendor-neutral: When implemented through open standards, SDN simplifies network design and operation because instructions are provided by SDN controllers instead of multiple, vendor-specific devices and protocols.

The main reasons to revise the traditional network architecture:

  • Changes in traffic patterns: Applications that commonly access geographically distributed databases and servers through public and private clouds require highly flexible traffic management and access to bandwidth on demand.
  • «IT consumerization»: The Bring Your Own Device (BYOD) and IoT trends demand that networks are both flexible and secure.
  • The rise of cloud services: Customers expect to have 24/7 access to applications, infrastructure, and other IT resources.
  • The importance of high bandwidth: Big Data processing involves massive parallel processing that requires additional capacity and any-to-any connectivity.
  • The complexity of modern networks: Adding or moving a device in a network or changing network policies has become too complex and time-consuming, demands the involvement of a network administrator, and may disrupt the entire network.
  • Difficult scaling: The time-honored approach of link oversubscription to provide scalability is ineffective with the dynamic traffic patterns in virtualized networks. This problem is even more acute in service provider networks.
  • Vendor dependence: The inability to make any changes without involving vendors, long waiting times for necessary changes, and a lack of standard, open interfaces limit the ability of network operators to tailor the equipment to individual tasks.

Network Function Virtualization 

Network Function Virtualization (NFV) offers a new approach to designing, deploying, and managing network services. It separates network functions such as NAT, firewall, intrusion detection, DNS, and traffic filtering from proprietary hardware and allows them to run on commodity servers with special software. NFV consolidates all network components required to support a fully virtualized infrastructure, including virtual servers, storage systems, and even other networks.

The main advantages of NFV:

  • Flexibility: Operators can develop and deploy new services as fast as possible; this requires a much more flexible and scalable network.
  • Costs: Cost is a major factor for any operator or service provider, especially now, when there are such examples as Google and several other corporations that have moved their data centers onto commodity switches (white box) to reduce costs.
  • Scalability: To meet the changing needs of customers and to provide new services, telecom operators and service providers must be able to scale their network architecture on multiple servers with no limitations due to hardware capacity.

SDN and NFV technologies have a lot in common and both belong to the new generation of computer networks. They may co-exist in the same network environment and share many common characteristics and features. Nevertheless, SDN and NFV appeared independently and in different areas of the ICT industry. Software Defined Networking relates to IT and is mostly used for virtualization of network resources in data centers (DC). Network Function Virtualization belongs to telecom; it is used by telephone companies, telecom operators and access providers, such as Telefonica, Deutsche Telekom, and AT&T. Such companies are extremely interested in the possibility of using cheap virtual machines (VMs) instead of expensive «middleboxes». These VMs may be located on the common servers of a data center, which allows such services as BRAS, firewall, IMS, DPI, and CDN to be moved to a "cloud" and, if there is a cloud platform, makes this "cloud" manageable and scalable.

Thus, historically, SDN and NFV technologies developed in parallel, without paying particular attention to each other's features and capabilities. SDN means management, the network protocol stack, and a revision of network management principles. NFV means lower ROI, marketing, business and architecture, the speed of introducing new services, and customer differentiation. Both approaches aim to reduce network complexity, ensure scalability and management automation, increase the capabilities of the physical network infrastructure with an overlaid virtual infrastructure, simplify deployment, automate administration, and reduce OPEX and CAPEX.


SDN and NFV Interaction

There are three possible options for SDN and NFV interaction: SDN-based NFV, where SDN controls placement, interaction, and chaining of virtualized functions; NFV-based SDN, where SDN is a virtualized service in a certain tenant; and SDN+NFV, where the two technologies exist in various combinations.

In the case of SDN-based NFV, we use the SDN controller, managed by the platform that controls the physical resources, to manage the physical infrastructure. Setting up an extensive, geographically distributed infrastructure with VPN requires MPLS, properly configured equipment, and highly qualified staff. Imagine an operator network that provides L2 VPN services for enterprises. This is currently done with MPLS/VPLS solutions, where you must first design the virtual network and then configure all the network devices. We can virtualize the VPLS tunnel design function behind a simple graphical user interface (GUI), and the SDN controller will configure the switches. In this case, we can create a whole chain of services for different traffic patterns. We place a powerful server running an NFV-capable platform into the network infrastructure controlled by the SDN controller. This allows service chains to be managed not only proactively but also in a reactive, dynamic way.
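
The service chaining described above, as an added example that is not part of the original page: a small Python sketch of a controller that uses its global view to steer one tenant's traffic through an ordered chain of virtualized functions, installing the rules either proactively or reactively on the first unmatched packet. The topology, function placement, rule format and `stage` tag are constructed assumptions, not a real controller API.

```python
from collections import deque

# Constructed topology (hypothetical names): switch -> adjacent switches.
TOPOLOGY = {"s1": ["s2", "s3"], "s2": ["s1", "s4"],
            "s3": ["s1", "s4"], "s4": ["s2", "s3"]}
# Constructed placement: the switch each virtualized function's VM hangs off.
VNF_LOCATION = {"firewall": "s2", "dpi": "s3"}


def shortest_path(src, dst):
    """BFS over the controller's global view of the topology."""
    seen, queue = {src}, deque([[src]])
    while queue:
        path = queue.popleft()
        if path[-1] == dst:
            return path
        for nxt in TOPOLOGY[path[-1]]:
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    raise ValueError(f"no path {src} -> {dst}")


def chain_rules(tenant, ingress, egress, chain):
    """Ordered (switch, match, action) rules steering one tenant through the chain."""
    waypoints = [ingress] + [VNF_LOCATION[f] for f in chain] + [egress]
    rules = []
    for stage, (a, b) in enumerate(zip(waypoints, waypoints[1:])):
        path = shortest_path(a, b)
        # 'stage' is an assumed per-packet tag, bumped each time a function returns it.
        match = {"tenant": tenant, "stage": stage}
        rules += [(hop, match, f"forward:{nxt}") for hop, nxt in zip(path, path[1:])]
        last = f"to_vnf:{chain[stage]}" if stage < len(chain) else "to_host"
        rules.append((b, match, last))
    return rules


class Controller:
    def __init__(self):
        self.flow_tables = {sw: [] for sw in TOPOLOGY}

    def install(self, rules):  # proactive mode: called before any traffic arrives
        for sw, match, action in rules:
            self.flow_tables[sw].append((match, action))

    def packet_in(self, tenant, ingress, egress, chain):  # reactive mode
        if any(m["tenant"] == tenant for m, _ in self.flow_tables[ingress]):
            return False  # rules already present, nothing to compute
        self.install(chain_rules(tenant, ingress, egress, chain))
        return True
```

Because the chain is an ordered list, placing `firewall` before `dpi` guarantees that the tenant's traffic reaches the firewall first, whichever path the controller picks between switches.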

For NFV-based SDN, where SDN is used as a virtualized service, we can imagine a tenant that is the virtualized infrastructure of a large enterprise. The CEO of such an enterprise understandably wants control over the routing policy and over the traffic security of such a service. In this case, it is possible to place the controller, with the corresponding application system, on one of the virtual machines, and it will manage the virtualized network of this tenant. Sometimes CEOs do not want to deal with maintaining the controller's performance, and then the controller needs to be treated as a stand-alone virtualized service to which you connect your tenant. The specification of the routing policy and network administration is given as input, while the controller performs the implementation.

Finally, the third case is SDN combined with NFV, where inside a data center you can use the first or the second option, but this will be a geographically distributed environment with a single level of orchestration. No tenant owner or end user is interested in where and how (in a cloud) we implement our services. Thus, we create a network of data centers with virtualized services under the control of a single orchestrator, which manages the whole environment.

It is worth noting that there are many approaches to combining data center networks that are under the control of different cloud platforms. The user of such an infrastructure has to think about how to migrate applications from one hypervisor to another or, as in the case of OpenStack, how to switch from one version to another. Do not think that this is a single environment that runs on a single physical infrastructure; it may be a geographically distributed network of data centers over which there is a cloud platform and a level of orchestration that enforces the desired function on the local infrastructure management in the interests of user tasks.