Iben from Spirent talks at the SDN World Congress about the importance of and issues with NFV...
-
Upload
iben-rodriguez -
Category
Technology
-
view
571 -
download
1
description
Transcript of Iben from Spirent talks at the SDN World Congress about the importance of and issues with NFV...
October 16th 2014 - SDN World Congress - Dusseldorf, Germany
Performance – Scaling out NFV implementation...
Iben RodriguezPrincipal ArchitectCloud / Virtualization
version 03–10-16-2014
2 PROPRIETARY AND CONFIDENTIAL
Background – virtualization - SDN (NVo3) - NFV (VNF) Decision Process Technology Adoption Lifecycle Typical use cases for Virtualized Network Functions Virtualization Impact on the Datacenter Options for Testing and traffic generation Importance of Testing Methodologies Example python script for automation and test case
generation CPU Core Distribution – lessons learned Continuous Testing – integrating all this into the
development and release deployment lifecycle.
Let me tell you a story...
3 PROPRIETARY AND CONFIDENTIAL
4 PROPRIETARY AND CONFIDENTIAL
Service Providers have big SDN/NFV plans
5 PROPRIETARY AND CONFIDENTIAL
Must maintain SLAs
Limited bandwidth available in network – adding links is expensive
Increased VoIP/Video applications putting a stress on networks
Network resilience – convergence, failover, protection switching, fast reroute, minimal service disruption
Creation and management of Traffic Engineering service paths
Stringent requirements for fault management & OAM
SDN for Service Providers
6 PROPRIETARY AND CONFIDENTIAL
7 PROPRIETARY AND CONFIDENTIAL
Typical Technology Adoption S-Curve
8 PROPRIETARY AND CONFIDENTIAL
9 PROPRIETARY AND CONFIDENTIAL
SDN/NFV Timeline
2013
2015
2016
2017-2020
2014
POC
Field Trials
Start of Commercial Deployment
Widespread small Commercial Deployment
The new normal
10 PROPRIETARY AND CONFIDENTIAL
Testing Implications
Performance Benchmarking
Security & Reliability
Management & Orchestration
Test VM M&O system for in lab environment
Seamless integration of test VMs with SPs M&O systems for live & post deployment environment
Test fault detection capability of M&O systems
Management & Orchestration
Performance Testing
Performance benchmarking of VNFs, hypervisors and COTS H/W
Portability & Interoperability
Performance isolation
On demand scale testing
VM Migration
Security & Reliability
Service continuity
Fail-over convergence time
Testing security for resources shared across VNFs
Topology validation
11 PROPRIETARY AND CONFIDENTIAL
12 PROPRIETARY AND CONFIDENTIAL
13 PROPRIETARY AND CONFIDENTIAL
Virtualization Impact
SP Mobility
Cloud DC SP Access/Edge
Underlay Network
Network virtualization
vRouter testing
vBRAS testing
PCE/BGP-LS validation10/40/100G
Overlay Network
Orchestration
vEPC Capacity
Offload testing
Busy hour call Modeling
Service Chaining
Elastic Performance
Service Availability
VM Migration
Multi-tenancy
Virtual Infrastructure
14 PROPRIETARY AND CONFIDENTIAL
P-GW
Network Service Provider
Data Center Interconnect
Cloud ServicesCloud
ServicesCloud Services
Intra-DC network
SDNNFV
Cloud Service Provider
VMVM …VNF VNF …
Cloud ServicesCloud
ServicesCloud Services
Intra-DC network
SDN NFV
Cloud Service Provider
VMVM …VNF VNF …
SP Core
SP Edge
Wireless
2G3G4GWifi
Residential
Enterprise
CopperFiberCable
CopperFiberCable
MBH
Testing for Service Provider and Cloud Datacenter VNFs
SDN
NFV
SDN NFVSDN
NFV
SDN
NFV
Edge
Core
Edge
MMES-GW
…P-GW
EPC
Layer 2-3 TestingAccess, Edge, Core
Mobility TestingvEPC Cloud Testing - Data Center
15 PROPRIETARY AND CONFIDENTIAL
vFW
vBNG
vRouter
vCE
vFW
vBNG
vRouter
vCE
Controllerplatform
OSS/BSS Open Stack / Cloud Stack
Applications Test tools/Methodologie
sREST API
Open Flow
PCEPBGP-LS
NETCONG/YANG
SNMPNETCONF
Focus Areas – Network Testing
ControllerTopology / Config
Manager
Stats / Monitoring
Northbound API
Southbound API
Segment Routing
MPLS Switching Routing, VPNs
16 PROPRIETARY AND CONFIDENTIAL
DX2
FX2
MX2
100GMODULES
DX2 FX2 MX2
Interface: CFP2 CFP4 (adaptor Q4)
QSFP-28 (adaptor Q4)
Speed per Interface: 1x100G (Now) 2x40G (4Q) 8x10G (4Q)Available: Now (100G)
Interface: CFP2 CFP4 (adaptor Q4)
QSFP-28 (adaptor in Q4)
Speed per Interface: 1x100G Available: Q4 (Dec), 2014
Interface: CFP2 CFP4 (adaptor Q4)
QSFP-28 (adaptor in Q4)
Speed per Interface: 1x100G Available: Q4 (Nov), 2014
17 PROPRIETARY AND CONFIDENTIAL
100G TechnologyFlexibility
A Single Module for Multiple Technologies
Native Interface of CFP2
Pluggable & Mixable Adaptors for:• CFP4• QSFP-28• CXP
Available on all DX2, FX2 & MX2 Modules
18 PROPRIETARY AND CONFIDENTIAL
Emulate CPE requesting multiple addresses Pack multiple IA_NA and IA_PD in a single message
sequence• IA_NA (Identity Association for Non-Temporary Address)
• IA_PD (Identity Association for Prefix Delegation)
DHCPv6 Multiple AddressesNew Product BPK-1320
19 PROPRIETARY AND CONFIDENTIAL
Use case–Validate failure convergence of vRouter
Orchestrator(e.g. OpenStack)
SDN Controller
Monitor
Config
COTS Servers hosting VNFs
STC test orchestrator
(Velocity)
REST
Onboard vRouter, vFW and vIDS instances on COTs server and connect to STC chassis as shown
Initiate high scale control and data plane traffic from STC (e.g. BGP, OSPF) & establish vRouter upper limits
Initiate failure from STC (BFD timeout or link failure)
Validate the migration of VNFs to another server and measure convergence times for control plane and traffic
vRoutervIDSvFW
vRoutervIDSvFW
STCSTC
Primary
Backup
20 PROPRIETARY AND CONFIDENTIAL
The Spirent EVCI Solution
Automation Virtualization
Continuous Integration
Source & Artifact Control
Build artifacts
Initiate iTestAutomation Manage VMs
iTest projectsTest artifacts
iTest automationprojects
Test Artifacts
Support files
Build artifacts
Leverage iTest automation to manage the integration between CI and the virtual environment
21 PROPRIETARY AND CONFIDENTIAL
• PCI Bus Utilization
• CPU Wait Time per core
• Memory Utilization per socket
• Power usage - efficiency
• Storage Input Output
Metrics to evaluate during test iterations
22 PROPRIETARY AND CONFIDENTIAL
Complex Vendors / Technologies Landscape
VSwitchVSwitchVSwitch
OpenFlow Controller
Management Console
NFVNFVNFV Compute / Storage
Overlay Network (VXLAN, NVGRE)
Underlay Network
NFV
NV
Open Flow
23 PROPRIETARY AND CONFIDENTIAL
VSwitchVSwitchVSwitch
OpenFlow Controller
Management Console
IDSNATFirewall
Service Chaining Concepts =Need for Cross Layer Technology Validation
10/40/100G
24 PROPRIETARY AND CONFIDENTIAL© 2013 Brocade Communications Systems, Inc. Company Proprietary Information 24
Packet Pipeline
Packet Pipeline
Vyatta 5600 vPlane ArchitectureIntel DPDK
VM
Packet
Packet
Packet
Core 0 Core 1
Core 2 Core 3
Core 4 Core 5
Core 6 Core 7
Packet
Packet
Packet
25 PROPRIETARY AND CONFIDENTIAL 04/10/2023© 2010 Brocade Communications Systems, Inc. CONFIDENTIAL—For Internal Use Only 25
VNF Router Performance with DDoS MitigationETSI NFV POC #9 (NFVPER(14)000024a3)
Use case and scenario• ETSI use case #2, VNFaaS• Security VNF DDoS
mitigation
Benefits• Protects networks and
apps• Preserves bandwidth
Performance observation• Line rate forwarding• Line rate detection /
dropping
26 PROPRIETARY AND CONFIDENTIAL
#! /usr/bin/env python # test-calc.py # Created by Iben Rodriguez on 7/14/14. import time import datetime row = 0 print ("*** BEGIN TEST-CALC.PY JOB RUN = " + datetime.datetime.now().strftime("%y-%m-%d-%H-%M-%S")) print ("row, dut, platform, fabric, driver") for dut in ["DevA","DevB", "DevC"]: for platform in ["KVM","Hyper-V","ESXi","LXC"]: for fabric in ["FLAT","LOCAL","VLAN","GRE","VXLAN"]: for driver in ["linuxbridge","openvswitch","hyperv","ncs","arista","cisco_nexus","l2population"]: row += 1 print ((format(row,'04d')) + ", " + (dut) + ", " + (platform) + ", " + (fabric) + ", " +
(driver) ) print ("row, dut, platform, fabric, driver") print ("*** END JOB RUN = " + datetime.datetime.now().strftime("%y-%m-%d-%H-%M-%S"))
Example Python Script for test case generation
27 PROPRIETARY AND CONFIDENTIAL
Python script test output
28 PROPRIETARY AND CONFIDENTIAL
8 ports, 1 CPUs, 8 cores, 1 DUT, single
29 PROPRIETARY AND CONFIDENTIAL
8 ports, 2 CPUs, 8 cores, 2 DUTs, not distributed
30 PROPRIETARY AND CONFIDENTIAL
8 ports, 2 CPUs, 8 cores, 2 DUTs, distributed
31 PROPRIETARY AND CONFIDENTIAL
Management and Orchestration Architecture
32 PROPRIETARY AND CONFIDENTIAL
Velocity EVCI – Virtual Network Test Beds Orchestration
Test Suites
Cloud Under Test (CUT)
OpenFlowController & Switch
EmulationVXLAN/Geneve
Switch Emulation
10/40/100G
Spirent Elements
Test SuitesTest Suites
Test Suites
Topology TemplatesvDUT Image Management
Spirent VCT LAB – NEPHOSCALE Public Clouds –
RAVELLO
Test VMs
Customer’s Servers, Spirent HW/SW
10/40/100G Test VMs
Spirent Hosted Elastic Virtual Private Test BedsBenchmark-A-A-S
AmazonGoogle
Test VMs
Azure
Customer’s CI
Orchestration
Bare Metal Servers
Bare Metal Servers
Customer / On-Premise
Jenkin Jobs (instantiate test environment, run
test)
Results
Virtual Test Bed Instances / Jenkins Jobs
Virtual Test Bed Instances / Jenkins Jobs
=
33 PROPRIETARY AND CONFIDENTIAL
33
Spirent TestCenter
OpenFlow Switch
Emulation
Spirent Communications Thank You – Questions?
For this and other exciting testing products for SDN and OpenFlow please see us at booth #28
• Emulate 1000+ OpenFlow 1.3 Switches using pre-canned topologies per port
• Support LLDP Topology Discovery• High Rate Packet-In testinghttp://www.spirent.com/go/sdnshowcase [email protected]
• Interactive, multidimensional network topology view
• 360⁰ navigation with context-aware network controls
• Clearly see areas of congestion
http://www.real-status.com/sdn
34 PROPRIETARY AND CONFIDENTIAL
35 PROPRIETARY AND CONFIDENTIAL
BACKUP
36 PROPRIETARY AND CONFIDENTIAL
Fail-over Convergence
Spirent Velocity
VNF
VNF
Southbound Interface
Netconf, Openflow, PCE,
BGP-LS
Spirent Velocity
VNF
37 PROPRIETARY AND CONFIDENTIAL
Service Chaining
Spirent Velocity
VNF VNFVNF
Spirent Velocity
Southbound Interface
Netconf, Openflow, PCE,
BGP-LS
38 PROPRIETARY AND CONFIDENTIAL
VM Migration
VNF
VNF
VNF
Spirent Velocity
Spirent Velocity
VNFVNF
Server 1
Server 2
Southbound Interface
Netconf, Openflow, PCE,
BGP-LS
39 PROPRIETARY AND CONFIDENTIAL
Typical Multi-Core CPU Network Port Mapping
40 PROPRIETARY AND CONFIDENTIAL
4 Core CPU balanced across PCI BUS
41 PROPRIETARY AND CONFIDENTIAL
LACP Hot-Standby & Multi Chassis LAG New Product LAG Emulation BPK-1312
DUT
STC
ICCP
Traffic
Support for Active/Stand-by ports in a MC-LAG configuration
Support for DUT configured Min and Max ports in a LAG DUT is typically the Master (higher System ID)
• DUT determines which ports are Active based on Partner Port ID
• Remaining ports put in (Hot)Standby mode (LACP Out-Of-Sync)
Break one or more links on the Active set
Measure Frame Loss Duration for traffic to switch to Standby-Ports
42 PROPRIETARY AND CONFIDENTIAL
BGP Router Block Coming Soon – Q4 (Oct)
DUT
Route Count=1MStartIP= iMix 11.0.0.0 Netmask /8 - /31
Bidirectional traffic
BGP Router Count=16KRtrID:199.1.1.1/32IPv6 RtrID=2999::1/128
DUT
Route Count=160KStartIP= 2011:: Netmask /64
PPPoE/DHCP/L2TPoPPoE
Session Count=16KIpv6 Intf Start=2000::/32
STC Route
Blk
Usecase3
BGP with BFD CPD Router Count=10KRtrID:199.1.1.1/32Intf. IP=10.1.1.1/24VlanID 1 - 200010K BFD @ 100ms
DUT
Route Count=200KStartIP= 11.0.0.0 Netmask /24
Bidirectional trafficUsecase2
BGP Router Count=10KRtrID:199.1.1.1/32Intf. IP=10.1.1.1/16
BGP Router Block
BGP Router Block Access Session Block
BGP Route Block
BGP BGP Router Count=10KRtrID:198.1.1.1/32Inf. IP=100.1.1.1/16
BGP Router Block
BGP Route Count=1MStartIP= iMix 101.0.0.0 Netmask /8 - /31
BGP with BFD CPD Router Count=10KRtrID:198.1.1.1/32Intf. IP=100.1.1.1/24VlanID 1 - 200010K BFD @ 100ms
Route Count=200KStartIP= 101.0.0.0 Netmask /24
BGP & BFD Router Block
BGP & BFD Router Block
BGP & BFDBGP & BFD
Bidirectional traffic
43 PROPRIETARY AND CONFIDENTIAL
DHCP over L2GRE New Product – Emulation over L2GRE (BPK-1319)
Wi-Fi Offload
Gateway
3GCore
4GCore
Data Networks
STC emulates UE, SSID, & AP
STC emulates Core side
UE SSID AccessPoint DHCP Server
GRE Tunnel Wifi
Offload Gateway
DHCP
DHCP Discover
DHCP Offer
DHCP Request
GRE Tunnel
DHCP Ack
Data Packet
Data
44 PROPRIETARY AND CONFIDENTIAL
Segment Routing w/ IGP(OSPF/ISIS)MPLS Simplified and OptimizedNew Part Number BPK-1317 (OSPFv2) & BPK-1318 (ISIS)
DUT B
STC D
STC C
STC A STC-E
10.1.1.0/24
RID= 1.1.1.12SID=12
RID= 1.1.1.10SID=10
RID= 1.1.1.11SID=11 RID= 1.1.1.99
SID=99
IF=0,
Cost=
x,
Adj=90
01
RID= 1.1.1.2SID=2
RID= 1.1.1.1SID=1PHP off
IF=1, Cost=
y
Adj=9002
IP dest=10.1.1.1
Label=99
IP dest=10.1.1.1
Label=1,9002,99
IF Cost x=y, =>ECMP, Equal Cost Multi-path, load sharing
IF Cost x<y, => Path through Node C preferred
Explicit path
IGP determined path
Leverage existing MPLS forwarding and VPN services Reduced State – LDP & RSVP protocols no longer needed Scalable – Fewer number of MPLS Labels to manage Reliability & Availability - entirely automated 50msec Fast Reroute
or Failover
45 PROPRIETARY AND CONFIDENTIAL
SP-SDN – Testing the PCE controllerNew Product BPK-1315 (PCC) & BPK-1316 (PCE)
SDN (PCE)Controller(DUT)
A
DRequestSLA Path
Traffic Engineering Database (TED)
Stateful PCE Traffic Engineering status
BGP-LS/BGP-TEReport
Data Analytics
Capacity planningCalendaring
REST APIThrift API
North
South
UpdateInitiate
STC
STC
STC
Top Down Design - Use existing network infrastructure, only update head-end/ingress node
In built High Availability - No need to replicate MPLS and IGP Fast ReRoute(FRR), protection switching mechanisms
Separates Network Path Computation from Topology Determination
Networks nodes still have knowledge of the topology and can fast reroute in case of failure
PCE controller – Optimizes paths to meet SLAs without using the High Cost Links(Shortest Path)
46 PROPRIETARY AND CONFIDENTIAL
Use case–Validate performance and auto scaling of vBNG
Orchestrator(e.g. OpenStack)
SDN Controller
Monitor
Config
Compute
Storage Network
Virtualization
vSTCvBNG
vSTC
vBNG
COTS Server hosting VNFs
STC test orchestrator
REST
Onboard vBNG and vSTC VMs using vendor orchestrator and/or Spirent plugin
Assign appropriate cores/memory to VNFs and originate/terminate traffic on vSTC
Measure the vBNG’s upper limits for control and data plane performance
Validate the auto scaling capability of the BNG by ensuring that additional cores are assigned to vBNG or additional vBNGs are spawned under following circumstances• Data plane scale beyond normal limits
• Control plane scale (increasing PPPoE sessions)
47 PROPRIETARY AND CONFIDENTIAL
48 PROPRIETARY AND CONFIDENTIAL
Spirent‘s Strategic Foundation
Validate high density edge & core
routers
Next-gen protocols &
scale testing
Improve customer
experience
Leader in SDN/NFV testing
Embed Spirent in millions of
devices
• FX2/MX2100G
• FX2/MX2 10G, 1G
• CFP2/CFP4• 400G
• Transport vehicles
• Home appliances
• Monitoring in SDN/NFV environments
• Port Grouping
• MVPN• LDPv6• Protocol &
stream scale
• Virtual infrastructure testing
• VNF testing• Methodolog
ies• PCE, BGP-
LS
• Site surveys
• CR reduction
• CET
Currently Available In Progress 1-3 years