I recently visited the OPNFV Summit (the conference for the Open Platform for Network Function Virtualization). The first software release of the event, named Arno, was completed, to be followed by the release of Brahmaputra release. (In case obscure geography isn't your strong suit, both of those releases share names with major rivers.)
This was the first such summit, and as can be expected, it focused chiefly on developers, but there were some prospective users. Those potential users shared experiences of large network operators (service providers and cloud providers), which in turn has great lessons for those who are interested in the OPNFV project.
NFV refers to network functions such as load balancers and firewalls, which have traditionally been stand-alone appliances or middle boxes. They now have a new deployment model as virtualized appliances, given the increased need for elastic resource allocation for telco clouds for variable scaling, managing of costs, and to provide more agility.
There’s plenty to talk about, but I want to focus on two trends I noticed in a keynote panel:
Will enterprises benefit from NFV?
NFV technology will initially be primarily used by network operators. Once trust has been established in virtualizing network functions (such as by using firewalls in VMs instead of physical appliances), there's an expectation that enterprises will adopt the same NFV concepts. Companies like Zscaler are already providing security-as-a-service, but at this conference, we viewed it with a much broader lens of many network functions.
Yet there are fundamental differences between service providers and enterprises. The differences of the two worlds were described by Chris Wright of Red Hat, who said that telcos care about serviceability and reliability with visibility up and down the stack, while enterprises look at services in silos.
During some keynote talks, we discussed how the model of open-source and collaboration forms a key component of OPNFV (not unlike the OpenDaylight Project). Jim Jagielski of the Apache Software Foundation also talked about their open-source license type, and how their structure enables collaboration for this type of software.
Voice of the End User
I also listened in on a panel titled, “Voice of the End Users” which included Jeff Mogul of Google, Jacob Loveless of Lucera, Hal Stern of Merck, Margaret Chiosi of AT&T and Philip Lucas of Orange. There were many topics discussed, but one item that stood out in my mind is the importance of network automation and using a model that maps constraints and intent from the actual task of implanting it. This is a surprisingly similar vision from Cisco’s ACI, although for a different use-case as ACI is for classic data center networking.
Jeff Mogul described how automation has enabled his firm to manage a large environment. Although there are no conventional enterprise companies, let alone service providers the scale of Google, the lessons for using automation can be used broadly. In his research, they used automation in assisting network design and for reducing errors (such as by describing constraints to auto generate topologies). They hope to put more things into a model (which implies there is a need for formalism and taking stuff out of the software code and putting more things into the model), which means that features can be added more quickly. This reminds me of the ACI policy model.
They want to build a reliable network on top of low-reliability networks and build a logically central control plane across a distributed network. The lessons from SDN vendors apply, and it’s not just a matter of separating the control plane from the data plane. Just as SDN avoids managing a switch device at a time, they want to make sure each VNF (virtual network function) is not managed separately either, and having a central control plane is critical for delivering this. Note that they have NFVs at the edge (in the hypervisor), not in the core network, so the number of NFVs may be very large.
Jim Loveless of Lucera, a service provider for financial service companies, stated that they have one of the largest SDN deployments, but are themselves relatively unknown. They do not sell to consumers or to regular enterprises. but are focused for providing services to large financial institutions. They, too, care about automation, and for them, performance matters. Performance is so critical they will build a microwave link because fibre is too slow. Lucera prefers to design simple networks, and may avoid technologies such as MPLS. In their case, automation is a matter of necessity to meet the performance needs of their business customers.
Hal Stern of Merck said that consistency of end-user experience is key. Reliability is based on the combination of services provided by every level of the stack. The challenge of NFV is where one monitors the state so they can figure out how the network policy decisions can be made at a global or local level. Some things can only be observed at the network level and not at the app level. They are concerned about smart sensors, and say that devices such as a set-box box in no longer the center of everything. The number of devices has gotten so high that the control needs to be centralized so that there can be collaboration to co-create the services.
Margaret Chiosi of AT&T also said that their Domain 2.0 initiative is a way for the phone company to take back some development that has been relegated to vendors in the past. By comparing observed vs. desired state, one can converge towards where the network needs to be tuned and optimized appropriately by respecting potential conflicts that needs to be reconciled. Telcos have a lot of legacy to deal with, but firms like Google do not and that can be a challenge for AT&T. But the common theme between AT&T and Google is realizing that reliance on humans does not scale easily. Google says that if they have a problem, they fix it and have a postmortem, so they can learn quickly and make it a learning experience. I believe AT&T eventually wants to move at that speed too.
Philip Lucas of Orange said that NFV is already being made available to enterprises. Services such as EasyConnect for SMB have been offered by Orange Business Services, allowing customers to create IP-VPN, firewalls, or content filtering, and enables all of them to be set up via a portal. The key goal is to provide basic connectivity at home, and offer more functions centrally via vCPE (virtualized customer premise equipment), and this avoids the truck-roll.
In summary, I feel that automation is important for any network operator – whether they run at scale (service providers), have high regulatory requirements (pharma) or have high performance networks (finance). The lessons of OPNFV will resonate to large operators and enterprises alike on the long-term.
In a future blog, I’ll discuss some exhibits I’ve seen.