F5 perspective of nfv+sdn (SDN NFV Day ITB 2016)
17 likes4,685 views
This document discusses SDN versus NFV and F5's involvement with NFV. It defines SDN as separating the control plane from the data plane in forwarding elements, while NFV focuses on porting network functions to commercial off-the-shelf hardware. F5 participates in various NFV standards bodies and supports leading orchestration solutions. F5's products can be integrated with NFV frameworks through standard APIs and virtualization support across major hypervisors.
![© F5 Networks, Inc 13CONFIDENTIAL
Use Case: F5 + VMware NSX Integration
NSX
Manager
NSX Management
Generic
Platform
iApps
NSX
Edge
NSX
vSwitch
User
Generic
Platform
Admin
Cloud Management
& Orchestration
Cloud Management
& Orchestration
Application Services
BIG-IP
Platform
Deploying L3–L7 Services
Application
Workloads
BIG-IQ Cloud and BIG-IQ Device
BIG-IP Local Traffic Manager
Simplified Business Models
• Operational agility at the network services
(Application Delivery Networking [ADN]) layer
• Operational agility for application-specific services
for acceleration, availability, and security (a rich
Layer 7 protocol)
• Delivering a consistent consumer experience
without consuming IT resources better spent
on strategic projects](https://image.slidesharecdn.com/f5perspectiveofnfvsdn-160328070651/85/F5-perspective-of-nfv-sdn-SDN-NFV-Day-ITB-2016-13-320.jpg)
F5 perspective of nfv+sdn (SDN NFV Day ITB 2016)
- 1. CONFIDENTIAL SDN ≠ NFV Kurniawan Darmanto w.darmanto@f5.com Bandung, March 21st, 2016
- 2. © F5 Networks, Inc 2CONFIDENTIAL SDN versus NFV SDN • Separate control plane from data plane in forwarding elements • API-driven forwarding rules in data plane • Initiated by Enterprise Sector • Focused on L2-L4 forwarding NFV • Porting control & forwarding plane network functions to COTS HW • Dynamic provisioning and orchestration of network functions • Initiated by Telco / SP Sector • Focused on entire OSI stack: L2-L7
- 4. © F5 Networks, Inc 4CONFIDENTIAL What is SDN?
- 5. © F5 Networks, Inc 5CONFIDENTIAL • Separation of control and forwarding functions • Centralization of control • Ability to program the behavior of the network using well-defined interfaces • Better way to connect and control the explosion of virtual machines in the data center What SDN does for me?
- 6. © F5 Networks, Inc 6CONFIDENTIAL Why SDN exists? Challenges Configure firewall rules as required by the application Configure Network to insert Firewall Configure firewall network parameters Configure Load Balancer as required by the application Configure Load Balancer Network Parameters Configure Router to steer traffic to/from Load Balancer Service insertion takes days Network configuration is time consuming and error prone Difficult to track configuration on services Service Insertion In traditional Networks Server vFW Switch Router FW Router LB
- 7. © F5 Networks, Inc 7CONFIDENTIAL API Market drivers: • OpEx reduction by automation and centralization • Rapid new application service introduction • Network to provide what application service needs • Reduction of Complexity and Cost for Network Infra SDN Architecture Open Networking Foundation / OpenFlow Source: Software-Defined Network Architecture, ONF White Paper, April 13, 2012 Application layer Application layer Control layer SDN Control Software Network Services API API Control Data Plane interface (e.g., OpenFlow) Infrastructure layer Network Device Network Device Network Device Network Device Network Device
- 8. © F5 Networks, Inc 8CONFIDENTIAL No. F5 connects to those SDN vendors, such as: • Cisco ACI • VMware NSX • Many more… F5 approach is focus on application services (L4-L7). It’s called SDAS. Does F5 have SDN solution?
- 9. © F5 Networks, Inc 9CONFIDENTIAL Control Plane Data Plane Software-DefinedDataCenter SDDC Orchestrator SDN Controller SDN Applications LAYER 2-4 Stateless Fabric Applications NVGREVXLAN Service Chaining Virtual & Overlay Networks L4-7 Stateful Services ??? OPEN APIs Architect / Lines of Business
- 10. © F5 Networks, Inc 10CONFIDENTIAL Applications Rely on Stateful Layer 4-7 Services Router Switch LAYER 2-4 STATELESS SERVICES LAYER 4-7 STATEFUL SERVICES FirewallIdentity and Access DDoS Protection Global Load Balancing Malware Detection ADC Application Security Local Load Balancing Application Performance Secure Web Gateway VIRTUAL AND OVERLAY NETWORKING
- 11. © F5 Networks, Inc 11CONFIDENTIAL SDN (L1-L3) + SDAS (L4-L7) = SDDC Control Plane Data Plane Software-DefinedDataCenter BIG-IQ Security™ BIG-IQ Cloud™ BIG-IQ Device™ BIG-IQ (SDAS Controller) SDDC Orchestrator SDN Controller SDN Applications LAYER 2-4 Stateless Fabric F5 L4-7 SDAS Stateful Fabric Applications NVGREVXLAN Service Chaining iApps OPEN APIs Architect / Lines of Business
- 12. © F5 Networks, Inc 12CONFIDENTIAL Use Case: F5 + CISCO APIC/ACI Integration ACI Fabric Virtual Edition Appliance Chassis BIG-IQ Device Package Device Package F5 Device Package Release Deployment Model BIG-IQ Integration with Cisco ACI 1 2 4a BIG-IQ integration with APIC 1 - BIG-IP expose iApps to BIG-IQ 2 - BIG-IQ create custom device package 3 - Admin import BIG-IQ device package to APIC 4a - APIC sends iApp config to BIG-IQ -> BIG-IP 4b - APIC sends Device config to BIG-IP BIG-IP integration with APIC 1 - Download device package from F5 2 - Admin import device package to APIC 3 - APIC sends config to BIG-IP directly downloads.f5.com 3 32 4b 1 F5SynthesisFabric Device Package F5 Configuration {'state': 1, 'transaction': 0, 'ackedState': 0, 'value': {(5, 'DestinationNetmask', 'Netmask1'): {'state': 1, 'transaction': 0, 'ackedState': 0, 'value': '255.255.255.255'}, (5, 'DestinationPort', 'port1'): {'state': 1, 'transaction': 0, 'ackedState': 0, 'value': '80' BIG-IQ Device PackageF5 iApps Config {'state': 1, 'transaction': 0, 'ackedState': 0, 'value': {(5, 'DestinationNetmask', 'Netmask1'): {'state': 1, 'transaction': 0, 'ackedState': 0, 'value': '255.255.255.255'}, (5, 'DestinationPort', 'port1'): {'state': 1, 'transaction': 0, 'ackedState': 0, 'value': '80' F5 Device Config {'state': 1, 'transaction': 0, 'ackedState': 0, 'value': {(5, 'DestinationNetmask', 'Netmask1'): {'state': 1, 'transaction': 0, 'ackedState': 0, 'value': '255.255.255.255'}, (5, 'DestinationPort', 'port1'): {'state': 1, 'transaction': 0, 'ackedState': 0, 'value': '80'
- 13. © F5 Networks, Inc 13CONFIDENTIAL Use Case: F5 + VMware NSX Integration NSX Manager NSX Management Generic Platform iApps NSX Edge NSX vSwitch User Generic Platform Admin Cloud Management & Orchestration Cloud Management & Orchestration Application Services BIG-IP Platform Deploying L3–L7 Services Application Workloads BIG-IQ Cloud and BIG-IQ Device BIG-IP Local Traffic Manager Simplified Business Models • Operational agility at the network services (Application Delivery Networking [ADN]) layer • Operational agility for application-specific services for acceleration, availability, and security (a rich Layer 7 protocol) • Delivering a consistent consumer experience without consuming IT resources better spent on strategic projects
- 14. Network Functions Virtualization NFV No Functional Value
- 15. © F5 Networks, Inc 15CONFIDENTIAL What is NFV?
- 16. © F5 Networks, Inc 16CONFIDENTIAL NFV Market Drivers © F5 Networks, Inc • 68% consider NFV very important/essential in 2018 – 2020 • 58% of WW SPs are committed to implementing either SDN, NFV or both 82% Increased Operational Efficiency 77% Implementing NFV to accelerate revenue 55% Realized new services that were not possible with current technologies 55% Scaling services up or down quickly AutomationRevenue GenerationNetwork EfficiencyService Agility Statistics provided by Infonetics Research and Heavy Reading
- 17. © F5 Networks, Inc 17CONFIDENTIAL • Software/Functions will be totally decoupled from Hardware • Reduce CapEx: allowing network functions to run on off-the-shelf hardware. • Reduce OpEX: supporting automation and algorithm control through increased programmability of network elements to make it simple to design, deploy, manage and scale networks. • Deliver Agility and Flexibility: helping organizations rapidly deploy new applications, services and infrastructure to quickly meet their changing requirements. • Enable Innovation: enabling organizations to create new types of applications, services and business models. What Problem NFV tries to Solve?
- 18. © F5 Networks, Inc 18CONFIDENTIAL The Pillars of NFV More than just virtualizing a network function Virtualization • Virtual network functions (VNFs/VMs) • Multi-tenancy • High performance • Comprehensive hypervisor support Abstraction • Service and network abstraction • Configuration templates • On demand resourcing Programmability • Data, control, and management planes • Open and production- deployed APIs • Developer-friendly RESTful APIs • Large dev community and ecosystem Orchestration • Unified multi-vendor, multi-service ecosystem • Integration with major vendors like VMware, HP, OpenStack, ALU, CISCO • Policy-driven flows and steering SDN + SDAS = SDDC
- 19. © F5 Networks, Inc 19CONFIDENTIAL • ETSI NFV: F5 is a participant, that follows developments and attend meetings. F5 also have representatives in the IETF meetings that refer to NFV technologies. • OPNFV: F5 currently studying membership/contribution options. • OpenStack: F5 participates with Corporate Sponsor status • ONF: F5 is a member • IETF: F5 Working on the definition of SCF with NSH metadata • Mobile World Congress: F5 participates in NFV demo/POC since 2014 F5 involvement with NFV
- 20. © F5 Networks, Inc 20CONFIDENTIAL • Supports all major Hypervisors (e.g. VMware, KVM, Hyper-V, etc) • Standard APIs and REST APIs • Use ETSI NFV, IETF, OpenStack Forum, Open Networking Foundation and other NFV/SDN standards • Supports leading orchestration solutions: • HP NFV Director • Cisco NSO • Nokia / ALU Cloudband • OpenStack • Puppet • Many more… Does F5 ready to be integrated with NFV?
- 21. VNF-M NFV-O VIM VNFs ETSI VIM VNFs NSO Network Service Lifecycle Manager ESC Virtual Service Lifecycle Manager Openstack Virtualized Infrastructure Manager AFM Firewall F5 LTM Load Balancer F5 APM Policy Manager F5 Network Service Orchestrator Fulfillment & Assurance VNF Adapter VNF Manager (Embedded) Global Resource Orchestrator VIM Adapter (Openstack) AFM Firewall F5 LTM Load Balance r F5 APM Policy Manager F5 HP NFV Director CLOUDBAND ORCHESTRATOR (NFV ORCHETSRATOR) CPAAS LCM (VNF MANAGER) Virtualis ed Infrastr ucture Manag er(s) VIM ALU Cloundband Management System VNF Modeling (TOSCA) (Device, VNFV & Infrastructure Description) AFM Firewall F5 LTM Load Balanc er F5 APM Policy Manager F5 ALU/Cloudband – F5 Integration HP NFV Director – F5 Integration Cisco NSO – F5 Integration F5 Networks 2015 PROPRIETARY & CONFIDENTIAL Adding F5 to the NFV Partner Architecture
- 22. © F5 Networks, Inc 22CONFIDENTIAL • Deployment Guide • https://support.f5.com/kb/en-us/products/big-iq-cloud/manuals/product/bigiq- lbaas-openstack-plugin-setup-4-4-0.html • Version Compatibility • OpenStack: Grizzly/Havana • BIG-IP VE: 11.3+ in OpenStack • BIG-IQ Cloud: 4.4.0,4.5.0 • Features • You need to provision BIG-IP VE on OpenStack Environment • Uses new iControl REST API F5 Integration with OpenStack (Official Ed.)
- 23. © F5 Networks, Inc 23CONFIDENTIAL F5 Service Aligns with “NFV” Approach Os-Ma Se-MaService, VNF, and Infrastructure Description NFV Management and Orchestration VirtualComputing Hardware VirtualStorage Hardware Virtual Network Hardware Ve-Vnfm Vn-Nf Nf-Vi Or-Vi Virtual Infrastructure Manager NFVI Virtualization Layer Computing Hardware Storage Hardware Network Hardware OSS/BSS Or-Vnfm BIG-IP Virtual Edition BIG-IQ BIG-IQ
- 24. © F5 Networks, Inc 24CONFIDENTIAL Use Cases: Being Deployed by Service Providers © F5 Networks, Inc 81% 77% 68% 64% 55% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% SERVICE CHAINING VIRTUAL IMS VIRTUAL EPC VIRTUAL CPE VIRTUAL GI-LAN Top NFV Use Cases Statistics provided by Infonetics
- 25. © F5 Networks, Inc 25CONFIDENTIAL Key Benefits: • Self-Provisioned by Enterprise customers in need of services to support Enterprise IT • Purchase Network services that are easy to provision, scale, and rapidly deploy Deploy Virtual Firewall / Create Business Rules to allow only DNS traffic to pass vFW Deploy Virtual Load Balancer & update with Virtual Pool Members vLB Deploy Virtual DNS pools vDNS WAN Scalable DNSaaS Auto Deploy Heal Fully Automated Deploy Heal Scale Out Scale In LBaaSFWaaS Management & Network Orchestration Case Study: Orchestrated Scaled DNS Service Use Case
- 26. SDN + NFV
- 27. © F5 Networks, Inc 27CONFIDENTIAL Today
- 28. © F5 Networks, Inc 28CONFIDENTIAL NFV
- 29. © F5 Networks, Inc 29CONFIDENTIAL NFV & SDN
- 30. © F5 Networks, Inc 30CONFIDENTIAL F5 Well Positioned for NFV & SDN • ADC Market Leader • Accelerated Insertion of SP Security • PEM gaining traction • Big VE throughput Higher Scalability • Well Placed for Hybrid Networks • New Licensing/Business Models RICH PRODUCT PORTFOLIO • BIG-IQ Enhancements • Openstack plugin support • Customizable plugins for 3rd party MANAGEMENT & ORCHESTRATION • ALU/Cloudband – ecosystem partner • Cisco – APIC/ACI & NSO POCs • HP – active collaboration • Openstack – significant progress • VMware – active collaboration ESTABLISHED/GROWING ALLIANCES • ALU/Nuage Integration • Cisco ACI/APIC Integration • SDAS Positioning gaining traction • Strong SDDC portfolio • VMware Integration STRONG SDN STORY
- 31. © F5 Networks, Inc 31CONFIDENTIAL Good to watch https://www.youtube.com/watch?v=P4EjobItPp0
- 32. © F5 Networks, Inc 32CONFIDENTIAL SDN and NFV will help to…
- 33. © F5 Networks, Inc 33CONFIDENTIAL Visit F5 Community to get more details!