Over the last 10 years, the consumption model for telecommunications service provider networks has evolved. Voice and data revenues have plateaued while data traffic and related costs increase. Digital natives require mobile access to the latest digital services on an increasing basis. Service providers must adapt existing infrastructure and operations to run more efficiently to cope with mounting capacity demand. Networks must be nimble, expanding and shrinking as network resources are used, agile, accommodating rapid service creation and delivery, and significantly cheaper and easier to operate.
Toward this end, service providers are deploying network functions virtualization (NFV) infrastructure that runs network functions - such as routers, switches, and firewalls - as applications in a virtualized environment on commercial off-the-shelf (COTS) equipment. This provides low-cost infrastructure, freedom from vendor lock-in, and the ability to scale the network as demand grows and shrinks.
Recently, Affirmed Networks® and Red Hat, both leading providers of NFV-related solutions, implemented and tested an NFV offering for mobile packet core functions, called the virtualized evolved packet core (vEPC) solution. The offering combines the Affirmed Mobile Content Cloud™ with Red Hat’s NFV infrastructure based on Red Hat® OpenStack® Platform. Test results demonstrate the flexibility and scalability benefits of NFV, and establish a new performance benchmark.
MOBILE PACKET CORE VIRTUALIZATION
The evolved packet core (EPC) was originally standardized by 3GPP to provide long-term evolution (LTE) mobile broadband and voice over LTE (VoLTE) services. Tired of extending the capacity of their EPC using physical network functions (PNF), typically involving vertically integrated software on top of purpose-built hardware, service providers are now deploying NFV-based mobile packet core capability.
With NFV, network functions are deployed as virtual machines (VM) on COTS, cloud-based infrastructure, rather than as dedicated physical hardware.
With a single infrastructure for virtual network functions (VNFs), service providers can increase system utilization and streamline administration with a scalable cloud framework to meet new demand. Since new network functions and services are created and deployed virtually, innovation is less risky. New services can be quickly spun up to test market opportunity, and if that opportunity is not realized, decommissioned just as fast, improving business agility and increasing infrastructure flexibility.
Although the transition from PNF to VNF in a cloud infrastructure is not a trivial process, and some service providers prefer to operate a hybrid mobile core, the deployment of an entire virtualized evolved packet core (vEPC) can be achieved today. A vEPC is composed of multiple virtualized functions that reflect those of their physical counterparts. Network functions that are targeted for virtualization within the mobile packet core include:
- PGW (packet data network (PDN) gateway).
- SGW (serving gateway).
- MME (mobility management entity).
- TWAG (trusted wireless access gateway).
- ePDG (evolved packet data gateway).
- PCEF (policy and charging enforcement).
- PCRF (policy and charging rules function).
- DPI (deep packet inspection).
- CG-NAT (carrier-grade NAT).
When implementing mobile packet core virtualization, it is crucial to first understand and capture the requirements of the mobile services and applications running on the mobile packet core.
AFFIRMED VEPC AND CUPS ARCHITECTURE
Affirmed’s Mobile Core vEPC supports the 3GPP control and user plane separation (CUPS) specification that provides independently scalable pathways for both user plane and control plane. This feature provides agility for various network deployments without changing the functionality of the network elements, such as the SGW, PGW, or traffic detection function (TDF).
CUPS provides independent scaling that brings service providers additional architectural flexibility, because it allows them to ramp up only the data plane or control plane functionality needed for the network. This avoids wasteful over provisioning of user plane or control plane VNFs to meet the peak capacity of other VNFs.
This functionality becomes even more important as additional cellular networks support Internet of Things (IoT) traffic, which has different workloads and use cases with different performance requirements from consumer networks. For example, consumer services use more data plane capacity while IoT networks need more signaling capacity. CUPS also supports a distributed network model for use cases that require low latency, such as video content distribution network (CDNs), or high bandwidth, such as fixed wireless. For these deployments, user plane nodes can be hosted at distributed edge datacenter locations, and the control plane nodes can be placed at more centralized locations.
The Affirmed Mobile Core architecture also features an embedded virtual probe in each VNF to collect data needed to better understand the network traffic patterns, congestion points, application, and subscriber behavior. This data provides valuable information, allowing service providers to more smartly invest in network infrastructure that improves customer experience and identify opportunities for new service offerings. The virtual probe can be colocated in any Affirmed VNF, (MME, S/PGW, ePDG/TWAG, GiLAN), providing a geographically distributed data collection strategy that can collect real-time data analytics in a cost-effective manner.
The mobile core also supports the Affirmed Virtual Slice Selection Function (vSSF) that facilitates fine-grained network slicing to provide dedicated bandwidth for specific customers or specific markets.
The Affirmed Mobile Core VNF architecture collapses VNFs into a cluster of scalable and specialized VMs, each of which is a single managed entity. Service providers can enable, disable, or scale a particular VNF to match the need of the application. When compared to architectures with numerous, independent VNFs, the Affirmed Mobile Core architecture is more manageable and easier to scale. Other benefits include:
- Packets are input, classified, processed, and output by a single network element rather than multiple network elements.
- Metadata is shared among Affirmed VNFs. For example, the international mobile subscriber identity (IMSI), Mobile Station International Subscriber Directory Number (MSISDN), International Mobile Equipment Identity (IMEI), and cell ID are advertised to all VNFs for incorporation into local policy and header enrichment.
- DPI is performed once and its conclusions are advertised to all clustered VNFs.
- Gateway General Support Node (GGSN), PGW, SGW, and Wi-Fi Gateway (ePDG and TWAG) can all be independently scaled.
The flexibility and scalability provided by the Affirmed Mobile Core VNF architecture can provide the performance and high availability needed for rapidly evolving services and demands.
NETWORK PERFORMANCE AND OPTIMIZATION
The fundamental business model for service providers is to provide critical services to a large pool of subscribers within the limits of the regulated service interruption or contracted service-level agreement (SLA). In order to meet ever-increasing performance demands, Red Hat continuously evolves NFV optimization capabilities in Red Hat OpenStack Platform. These optimization features include single root input-output (I/O) virtualization (SR-IOV) and data plane development kit (DPDK)- accelerated Open vSwitch (OVS-DPDK).
SINGLE ROOT I/O VIRTUALIZATION (SR-IOV)
Although PCI (Peripheral Component Interconnect) passthrough can provide near line-rate performance to the VNFs, it limits the flexibility of the deployment because it breaks the software abstraction as it creates a tight coupling between the VM and the network interface controller (NIC). The SR-IOV extension of the PCI express (PCIe) specification allows a device, such as a NIC, to separate access to its resources among multiple PCIe hardware functions. In the NFV infrastructure, SR-IOV allows different VMs to share a single NIC.
With support for SR-IOV in Red Hat OpenStack Platform, Red Hat partner solutions for vEPC can achieve the performance required for their applications without sacrificing the ability to share physical NICs among VMs. This ability retains the needed software abstraction and decouples hardware from software.
DPDK-ACCELERATED OPEN VSWITCH (OVS-DPDK)
The DPDK is designed to run in a user’s space for fast packet processing. This ability results in delivering up to wire speed performance for specific use cases depending on processing depth. DPDK provides the most significant performance improvement for applications required to handle many small packets (~64 bytes).
Red Hat has bundled Open vSwitch with DPDK to achieve improved performance, resulting in a DPDK-accelerated OVS (OVS+DPDK). At a high level, this architecture is transparent to the VNFs, as the interfaces it exposes are predominantly unchanged.
TRAFFIC PROFILE AND DIMENSIONING
The features of vEPC range from standard 3GPP capabilities to functions that add additional value, such as DPI, URL enrichment, and video or content caching.
Service providers are managing rapid bandwidth growth through network resource management and providing personalized services, including live streaming video, games, music, internet protocol television (IPTV), voice over internet protocol (VoIP), video chat functions, and 4K and 360-degree video formats. These services involve different levels of bandwidth, latency tolerance, and data flow treatment.
Based on the application, the dimensioning of vEPC varies. For example, IoT or machine-to-machine (M2M) applications are typically high in session count but can have low throughput requirements. IoT or M2M typically wake up, deliver the necessary information using small messages, and then go back to sleep. The vEPC must be dimensioned for high memory due to the high session count. Video streaming applications must take user experience into consideration, and these applications typically require high throughput and low latency.
Another example of vEPC dimensioning is billing applications. These applications constantly create and store billing entry data for call data records (CDRs) on disk. In this case, the vEPC must be designed and provisioned for constant input/output operations (IOPs), specifically to support intensive-messaging applications such as the policy and charging rules function (PCRF), for which constant messaging occurs based on the activity of the subscribers.
VoLTE typically implies a large number of small packets, for example, 64 byte packets. However, packets could be larger and vary, based on the codec being used. In summary, there must be design and tuning work performed at the infrastructure level to accommodate different mobile services running on the vEPC.
Table 1 summarizes the general requirements of the vEPC. While some key performance indicators (KPIs), such as session count and total bandwidth requirement, might vary based on the size of the deployment, others remain constant. Important KPIs to monitor include packet loss, jitter, and latency.
AFFIRMED NFV MOBILE CORE PERFORMANCE TESTING
Working with Intel technology experts who witnessed the test set up and parameters, Affirmed demonstrated NFV performance and linear scalability with testing of its Mobile Core vEPC solution and Red Hat OpenStack Platform with SR-IOV optimization feature on servers powered by Intel Xeon Platinum and Gold processors. The emphasis of the tests was on the performance of vEPC dataplane VMs.
The following table details the results of the vEPC testing. The test was conducted using 650-byte packet size, which was selected to show real-world results. Throughput is shown in both Gigabits per second and packets per second to provide comprehensive throughput analysis.
Three different tests were performed for each server:
- Throughput using HTTP/TCP packets with DPI turned on to demonstrate performance with the packet type that represents most of the data traffic on the internet.
- Throughput using UDP packets: Service providers often use this packet type for testing; it has slightly higher performance because it does not retransmit packets.
- Throughput using single data plane VM: In the previous two tests, the traffic was processed by two data plane VMs to show maximum throughput. The single data plane VM test demonstrates performance at the edge of the network where only one may be needed. In addition, linear scaling is demonstrated by showing the performance increase when the single data plane VM results are compared to the two data plane VM results.
(PACKETS PER SECOND)
|PACKET SIZE (BYTES)||MAX I/O CPU
PLANE VM UDP1
|1 million||75.71 Gbps||13 Mpps||650 bytes||82.00%||66.71%|
|TWO DATA PLANE
|1 million||151.43 Gbps||26 Mpps||650 bytes||83.23%||66.62%|
|TWO DATA PLANE
|1 million||121.18 Gbps||21.27 Mpps||650 bytes||66.71%||73.87%|
PLANE VM UDP
|1 million||49.5 Gbps||8.5 Mpps||650 bytes||81.85%||67.8%|
|TWO DATA PLANE
|1 million||100.46 Gbps||17.25 Mpps||650 bytes||84.25%||70.17%|
|TWO DATA PLANE
|1 million||79.77 Gbps||13.84 Mpps||650 bytes||70.62%||69.62%|
RED HAT DELIVERS THE ENTIRE SOFTWARE STACK FOR NFV INFRASTRUCTURE
Red Hat provides an ideal platform for NFV infrastructure. As the only open technology vendor that delivers the entire core software stack needed for NFV, Red Hat can ensure better interoperability, stability, and security across your NFV environment.
As shown in Figure 1, each layer of the Red Hat stack delivers key features for your NFV environment. With this integrated software stack, Red Hat delivers the scalability, deployability, availability, performance, and security needed for effective NFV implementations.
- Scalability. Your NFV infrastructure must be able to scale quickly to meet growing demand for data and services. The OpenStack framework is designed specifically for scalability, and Red Hat OpenStack Platform delivers this in a stable and secure solution.
- Deployability. Any NFV solution must be easily deployable, simply maintained, and well supported. Red Hat excels in open technologies for the enterprise through commercial hardening, integration across the software stack, consulting and training services, and full support.
- High availability. Your network infrastructure needs to be capable of delivering services to your customers around the clock. Every Red Hat product is subjected to intense testing protocols that ensure reliability and interoperability with the rest of your environment.
- Performance. For an NFV solution to be effective, its virtualized functions must meet or exceed the performance of physical implementations. Red Hat’s virtualization technologies are based on the high-performance, Kernel-based Virtual Machine (KVM) hypervisor, the most popular choice for Red Hat OpenStack Platform and cloud deployments.
- Security. As security threats become more prevalent, an NFV infrastructure must ensure data protection. Advanced security features like Security-Enhanced Linux (SELinux) and sVirt are built into Red Hat products. Many organizations that require strong security, including the U.S. National Security Agency (NSA), rely on Red Hat.
AFFIRMED NETWORKS HELPS SERVICE PROVIDERS KEEP UP WITH TRAFFIC DEMAND
Affirmed Networks offers a complete approach to transitioning your networks to a cloud-based architecture that includes the right technology, expertise, and processes to ensure your network is running smoothly. The independent scaling of throughput, session capacity, and signaling allows operators to tailor their network to specific call models or use cases, such as consumer, IoT, mobile virtual network operator (MVNO), or fixed wireless. Affirmed Mobile Content Cloud (MCC) supports CUPS, network slicing, integrated virtual probes, optimized IoT Access (including NarrowBand Internet of Things (NB-IoT), Long-Term Evolution for Machines (LTE-M), and Service Capability Exposure Function (SCEF)), Service Function Chaining (SFC), integrated DPI, and additional services that allow operators to deliver new revenue-generating services.
NFV is revolutionizing the way telecommunications service providers operate and deliver services, allowing them to develop and launch new services quickly and cost-effectively. An open, interoperable mobile network infrastructure lets service providers easily add new internal and thirdparty services, scale quickly to meet growing demand, and migrate legacy services over time. Testing of the Affirmed Networks’ Mobile Content Cloud, using Red Hat OpenStack Platform as the NFV infrastructure, demonstrates a performance up to 151 Gbps with cost-effective scalability needed to support service providers growing demand. For those service providers that need to increase core network performance and also position themselves for 5G service deployment, the Red Hat NFV solution and Affirmed Networks’ Mobile Content Cloud present the next step forward.
With a fully integrated software and storage stack, Red Hat’s NFV solution offers added security and a scalable, high-performance, and reliable platform for vEPC infrastructure. Contact your Red Hat sales representative to learn how an NFV infrastructure based on the Red Hat stack can help you reduce costs, improve agility, and prepare for the future. To explore further operational gains, consider configuration automation tools such as Red Hat Ansible® Automation.
ABOUT AFFIRMED NETWORKS, INC.
Many of the world’s top mobile service providers are using Affirmed Networks’ NFV solution. Affirmed has over 80 customers, including tier-1 and tier-2 providers. Learn more at affirmednetworks.com.
Tests were conducted by Affirmed Networks. Hardware configurations: server with dual Intel Xeon Platinum 8180 processors running at 2.5 GHz with 28 cores, 768 Gigabits of RAM, and 25 GbE connections provided by Intel® Ethernet Network Adapter XXV710 and by four Mellanox(*) two-port, Connect X4LX. Software configurations: Affirmed MCC Rel. 9.0 and Red Hat OpenStack Platform 10. Simulation of user equipment, ENB, and MME conducted using Spirent Landslide® L-C100-M4-TS test servers using 4x L-NIC-66 Quad-port 10Gbps adapters per server.