Feature Articles: New Generation Network Platform and Attractive Network Services

SDN Software Switch Lagopus and NFV Service Orchestrator vConductor for Developing SDN/NFV

Norio Sakaida, Hirokazu Takahashi, Masahiro Yoshida, and Tomoya Hibi

Abstract

In anticipation of the wide deployment of software-defined networking (SDN) and network functions virtualization (NFV), we at NTT Network Innovation Laboratories have been carrying out research and development (R&D) of SDN and related network virtualization. This article presents two of the R&D topics in this field, the software switch Lagopus that corresponds to OpenFlow 1.3, and the NFV service orchestrator vConductor , which is based on global standard techniques.

Keywords: network virtualization, SDN, NFV

PDF

1. Introduction

The implementation of softwarization and the virtualization of network functions are expected to enable flexible and rapid provision of various network services, and therefore, research and development (R&D) and standardization are advancing rapidly in the areas of software-defined networking (SDN) and network functions virtualization (NFV). Recently, the introduction of SDN technologies in datacenters has progressed a great deal with the spread of cloud computing and the progress in network virtualization technologies, and the application of SDN by telecommunications carriers and in large-scale corporate networks is fully underway. Furthermore, the application of NFV to mobile communication core networks is being actively investigated. In light of this, researchers at NTT Network Innovation Laboratories are working on developing a network platform in which new technologies and services can be rapidly introduced by utilizing software that has flexibility, and we have therefore quickly taken on the R&D of SDN and network virtualization.

In this article, we introduce two of our research topics: the high-capacity, high-performance SDN software switch Lagopus and the important NFV service orchestrator vConductor actualized for NFV.

2. Lagopus: SDN software switch

Lagopus is not only intended for datacenters; we also plan to apply it to wide area networks utilized by telecommunications carriers, and we have therefore been actively conducting R&D in order to achieve the required performance and functionality. Some of the current specifications are listed in Fig. 1.


Fig. 1. Lagopus specifications.

In terms of performance, Lagopus supports a transmission speed of 10 Gbit/s and over 1 million flow rules. Since 40-Gbit/s and 100-Gbit/s network interfaces have become less expensive, we are targeting even higher performance levels in the future.

In terms of functionality, Lagopus supports a wide range of OpenFlow specifications that include functions targeting wide area networks such as multiprotocol label switching (MPLS) and bandwidth control. Furthermore, we are expanding the range of applications from not only physical networks but also the functions that connect virtual machines and the combined resource allocation administrator that supports multiple management interfaces. By actualizing all of these types of performance and functions with software operating on generic x86 architecture servers, we can reduce equipment costs and achieve rapid introduction of network services.

In July 2014, we released Lagopus as open source software (OSS). We provided it as OSS so that it would be widely applicable and widely used. Various Lagopus events have been held and hands-on exhibits sponsored, which have resulted in an active SDN market. We and other users are continuing to investigate new SDN use cases.

Here, we present two proof-of-concept demonstrations involving the use of Lagopus as application examples of various SDN use cases.

2.1 SDN-IX

The ShowNet is a network constructed at venue sites during the annual Interop Tokyo event. It is not merely an experimental network; it is also a utilization network operated as Internet service providers and carriers for exhibiting companies and attendees.

At the Interop Tokyo 2015 ShowNet, an SDN-based Internet exchange (SDN-IX) (Fig. 2) was deployed as a new SDN use case. Its dynamism was demonstrated in the Internet exchange (IX)*1 that connects networks used at the exhibition sites to external networks. The switch that actualizes the SDN-IX was the Lagopus switch. No failures occurred during the event, thus proving stable operation.


Fig. 2. Network configuration of SDN-IX for Interop Tokyo 2015 ShowNet.

Furthermore, through cooperation with the NECOMA (Nippon-European Cyberdefence-Oriented Multilayer Threat Analysis) project, we were able to actualize flexible services through SDN that IXes up to now could not provide such as protection from attack traffic and mutual connections between different VLANs (virtual local area networks). The results of demonstrating various services and components were evaluated, and Lagopus received the Interop Tokyo 2015 Best of Show Award SDI (Software Defined Infrastructure) Special Prize.

2.2 Segment routing

Segment routing is a network path control method that utilizes the advantages of centralized management networks and distributed management networks. It is currently undergoing standardization by the Internet Engineering Task Force. In segment routing, segment identifications (IDs) are assigned to nodes and links. Route optimization in the network is autonomously and dispersively performed while advertising segment IDs using routing protocols such as the Open Shortest Path First (OSPF) protocol. In addition, when using MPLS labels, the traffic route can be autonomously and freely controlled by associating a segment ID with a specific traffic flow.

By coordinating our existing OSPF implementation with Lagopus, we achieved segment routing and presented a demonstration at the Intel Developer Forum 2015. In the demonstration, we conducted segment routing based traffic control as shown in Fig. 3, assuming that different network services must be provided depending on the contract conditions for each client. More specifically, we implemented control to see if we could pass through the client firewall based on the contract conditions of each client and showed that we could limit access to malware sites. As an actual use case for SDN, we presented an appealing case for simply controlling traffic using software, which received a high evaluation.


Fig. 3. Example of segment routing traffic control.

*1 IX: Equipment that interconnects Internet service providers.

3. vConductor: NFV service orchestrator

vConductor is an NFV service orchestrator prototype developed by NTT Network Innovation Laboratories that connects multiple cloud services and enables construction of network services through simple operation.

3.1 End-to-end (E2E) NFV service orchestrator

vConductor operates through a simple GUI (graphical user interface) and can automatically construct virtualized network functions (firewalls, routers, load balancers, etc.), web system functions (web services, databases, etc.), and applications, as shown in Fig. 4, by utilizing the infrastructure as a service (IaaS) of multiple cloud providers. In terms of CPE (customer premises equipment) for an enterprise user base, this prototype actualizes E2E NFV service orchestration that can create and control virtualized network services that combine multiple networks such as virtual private networks (VPNs), the Internet from telecommunications companies, and IaaS from cloud providers [1]. Through assignment of network functions, vConductor can create network services with a wide variety of cloud services and can automatically construct redundant virtual networks with backup datacenters. Thus, the user can easily recover the system by simply switching to the backup system when a failure occurs.


Fig. 4. vConductor features.

3.2 Architecture that extends global standard technology

We adopted the NFV specifications developed by the European Telecommunications Standards Institute Industry Specification Group for NFV (ETSI ISG NFV), an international standardization body, in vConductor as an architecture framework for extending NFV. The relationship between the NFV reference architecture framework prescribed by ETSI ISG and the vConductor architecture is shown in Fig. 5. In the ETSI ISG framework on the left, the (1) OSS/BSS (operations support system/business support system), (2) NFV orchestrator, (3) virtualized network function (VNF) manager, (4) virtualized infrastructure manager, and (5) EM (element management) system correspond respectively to the (1’) user portal, (2’) service recycle management, various databases, resource design, SLA (service level agreement) assurance, (3’) embedded VNF managers, (4’) virtualized infrastructure managers, and (5’) element managers of vConductor.


Fig. 5. Relationship between NFV reference architecture framework and vConductor system structure.

In January 2014, ETSI ISG NFV released a technology standard document called Group Specifications that compiled the results of activities carried out over a period of about two years and included work on use cases, a framework, application management and orchestration (MANO) functions, and infrastructure construction. In the current Phase 2 activity, multiple vendors are developing the MANO functions, and progress is being made on formulating the technical specifications for the interface between each function block. In addition, we are furthering our investigations into abstraction models and APIs (application programming interfaces), reliability and quality, and application management related technologies.

We are developing a vConductor prototype while referring to the specifications of ETSI ISG NFV, including the defined interfaces between each function block (e.g., Or-Vnfm, Os-Ma, Or-Vi).

3.3 Multi-purpose scheduling function

In NFV, both physical resources such as hardware equipment and logical resources on virtual machines are managed objects, and therefore, resource management inevitably becomes complex. We are developing a multi-purpose optimization method called the Multi-objective Resource Scheduling Algorithm (MORSA) [2] that can assign NFV infrastructure (NFVI) resources while considering multiple constraints and stakeholder policies at the same time. MORSA is a new algorithm that is an improvement over the genetic algorithm [3] concept, and it has been adapted for NFVI resource optimization. In MORSA, two types of limiting conditions, namely NFVI resource constraints and VNF constraints, are converted to objective functions. Adjusting the weight balance between each function while performing calculations enables multiple limiting conditions and stakeholder policies to be considered at the same time, and a diverse Pareto solution set*2 can be derived, as shown in Fig. 6. In this way, the optimal datacenter can be selected for the VNF arrangement based on the multiple service requirements (delay, cost, etc.).


Fig. 6. MORSA concept.

*2 Pareto solution set: The generally obtained solutions when optimizing multiple functions, and a set of solutions showing the tradeoff among functions when changing any of the objective function values. This is also referred to as a Pareto optimal solution.

4. Future development

We are striving to achieve even higher performance and higher functionality of Lagopus. For vConductor, we are targeting better operating management technology and application preparation, contributing toward standardization, and pursuing a wide range of fruitful R&D.

To accelerate technological development, we are not only advancing OSS activities but also further cooperating widely with partners with expertise in various fields such as international and domestic vendors and research institutions while promoting the establishment of collaborative technology.

References

[1] W. Shen, M. Yoshida, T. Kawabata, K. Minato, and W. Imajuku, “vConductor: An NFV Management Solution for Realizing End-to-end Virtual Network Services,” Proc. of the 16th Asia-Pacific Network Operations and Management Symposium (APNOMS 2014), TS2-2, Hsinchu, Taiwan, 2014.
[2] M. Yoshida, W. Shen, T. Kawabata, K. Minato, and W. Imajuku, “MORSA: A Multi-objective Resource Scheduling Algorithm for NFV Infrastructure,” Proc. of APNOMS 2014, TS4-2, Hsinchu, Taiwan, 2014.
[3] M. Mitchel, “An Introduction to Genetic Algorithms,” The MIT Press, Cambridge, MA, USA, 1996.
Norio Sakaida
Senior Research Engineer, NTT Network Innovation Laboratories.
He received his B.E. and M.E. from Tohoku University in 1992 and 1994. He joined NTT Optical Network Systems Laboratories in 1994 and engaged in research on photonic network technologies. He was with NTT Communications, where he developed a digital television transmission network and VPN services, from 1999 to 2005 and from 2010 to 2014, respectively. From 2005 to 2010, he worked on the development of a 40G-DWDM (dense wavelength division multiplexing) system and submarine transmission systems at NTT Network Service Systems Laboratories. He joined NTT Network Innovation Laboratories in 2014 and has been engaged in research on network virtualization technologies such as NFV and SDN. He is a member of the Institute of Electronics, Information and Communication Engineers.
Hirokazu Takahashi
Senior Research Engineer, NTT Network Innovation Laboratories.
He received his B.E. and M.E. in electrical engineering from Nagaoka University of Technology, Niigata, in 2000 and 2002. His current research focuses on high-performance packet processing techniques.
Masahiro Yoshida
Research Engineer, NTT Network Innovation Laboratories.
He received a Ph.D. from the University of Tokyo in 2013. He was a research fellow for young scientists at the Japan Society for the Promotion of Science (JSPS) in 2011 and 2013. His research interests include SDN, NFV, and datacenter networking.
Tomoya Hibi
Research Engineer, NTT Network Innovation Laboratories.
He received his B.E. and M.E. in computer science and engineering from Toyohashi University of Technology, Aichi, in 2010 and 2012. His current research focuses on high-performance packet processing techniques.

↑ TOP