Good afternoon. If you can please take your seats, we'll get started. So thank you so much for attending this session. My name is Azhar Sayeed. I'm from Red Hat, I'm one of the chief architects, and with me is Pere Monclus, CTO and co-founder at PLUMgrid, and today we'll talk about the kind of problems that people are experiencing in NFV. So we'll start explaining a little bit what NFV is, why it's great. But at the same time we are going to take a little bit of a critical angle on: is it really going to happen? Why, why not, what things do we have to fix? So we'll have a debate about these things that are going on in the industry.

Thank you very much. I'm honored to have actually Pere on the stage with me here, and as he said, we're going to talk about a number of topics around NFV, in particular look at virtualized CPE and virtualized PE, and how can we create a set of composable services to deliver the end-to-end service, using of course OpenStack, because it's an OpenStack conference, and of course NFV being the biggest use case, and within NFV, virtual CPE being the biggest use case of all of the three. So let's dive straight into the problem, right? Let's start straight into what is NFV? Why is this helpful? What is a service provider doing with NFV? And then Pere will come and talk about, you know, what's the problem space we are looking into, and we'll go into the architecture, we'll discuss all of the details moving forward.

So we all know that network virtualization is the rage these days. Why is it? Because you can now move all of the things that ran on dedicated hardware onto commercial hardware. Of course, virtualizing those capabilities allows you to now grow at a different scale. It provides better capabilities, better functionality, and you can then optimize each one of those functions. Dedicated hardware has been around for some time.
It provided some level of dedicated performance; people sold you all these wonderful different ASICs, but now the forwarding performance of general-purpose hardware has also improved considerably, and because of that you're able to now run those functions that were previously only possible on dedicated hardware onto this general-purpose hardware. Now also, it's not just standard high-volume servers, but because of the ability to run this on general-purpose hardware, you're now able to evolve components at different scale, with different capabilities. Now, the future is containers. Of course you virtualize it first for virtual machines and then perhaps for containers; that provides you a hyperscale type of an environment. You need to be able to write those virtual network functions into this new environment and be able to take this. So it really provides that benefit in terms of better capabilities, better scale, better performance overall, and you can then optimize this to deliver at a real cloud scale in terms of virtual network functions. But is that sufficient? You have to also look at it from the point of view of what's happening in the industry. Where are the different technology providers? How do you integrate all of those technology providers together? You need of course some sort of a standardized reference model and a framework, and that particular standardized reference model allows you to provide some definitions, allows you to understand the different approaches that are available, and stitch them together into a holistic architecture with a set of standard management interfaces to build this overall scale-out model that we just spoke about. And that particular framework needs to be flexible enough to give you a go-to-market model that says: how can we take different components,
compose them together to deliver an end-to-end service? So this idea of decomposing them, evolving them independently, gives birth to a new notion of a marketplace. Much like you have an app store for the mobile world, you can potentially have an NFV marketplace, which allows you to actually take different network functions, put them together, onboard them on a common infrastructure, compose a set of services that allow you to deliver that. What's the benefit? Well, carriers want flexibility. We have established the fact that they want the ability to create services with very high agility. Then one of the biggest reasons that was cited, as per different sets of surveys that were done, the reason why we need this decomposition of capabilities and disaggregation of capabilities, is the ability to move much, much faster: reduce the go-to-market time, reduce the onboarding time, reduce the production time in terms of different sets of services from months down to weeks, and days perhaps. So service creation becomes incredibly valuable. If you're able to create services faster, you can monetize them better, and of course provide operational benefits and cost benefits associated with that. Why? Because you're using a standardized high-volume server architecture to be able to deliver this multi-tenant, flexible set of services with a very short life cycle.

Now comes the question: okay, so what are the most common use cases of NFV, network function virtualization?
Well, here are four that have emerged pretty much in terms of the highest valued or most deployed type of use cases. Virtualized CPE, or sometimes also referred to as cloud VPN or SD-WAN; people use different names for that particular function, but it's actually quite interesting that depending on the type of service they're trying to deploy or deliver, they can end up actually naming that capability. But it's roughly the same: the idea of actually taking a virtual network function, running it in the cloud and providing a service, or a set of network functions, running them in the cloud and providing a service to the end customer. In the mobile space, virtualized IMS and virtualized EPC are the strongest, and I believe there are a number of presentations here at this conference that talk about both of those subjects. Gi-LAN, that's also available in the mobility space. Gi-LAN, if you don't know, is essentially a set of packet handling capabilities on the SGi interface on the EPC, for the P-gateway. Now the idea of doing that packet handling is to do things like video optimization, to do things like, you know, TCP optimization, web handling of traffic, deep packet inspection, and so on and so forth. So that's the virtualized Gi-LAN function. That's actually pretty popular from a mobile provider perspective. And last but not least, this is an emerging use case, which is virtualized PE, or the provider edge environment. Now people have said, well, why should I limit myself to taking these virtual network functions and applying them only for customer-premises
services, because now we are able to get that level of performance from hardware, get that level of forwarding capability and functionality that's virtualized? You can potentially now create provider edge devices as well by stitching functions together, to be able to deliver services at a highly dynamic scale.

Let's quickly take a look at the virtual CPE reference design. Now in a physical CPE, you have a rigid device that has some sort of rigid scaling characteristics and rigid performance characteristics. When you disaggregate those capabilities, so what does the CPE have today? It has a virtual router. It has some packet inspection. It has some, you know, DHCP, DNS type of services. They're all bundled together in a single software image that runs on a dedicated piece of hardware. That's now package dependent from the vendor. That's now, you know, functional dependent from the vendor in terms of what they need to provide, and it doesn't scale the way that you wanted it to scale. So take that, go to the virtualized model. You can disaggregate this set of capabilities. You can actually scale them independently. You can use Moore's law in terms of economies of scale to actually move in a different direction. It's a much lower overhead, because then you can put these functions in a centralized cloud-like environment and ensure that you can actually manage them centrally.
So thereby providing a faster set of services. Now one other data point that I'll talk to you about before I hand it off to Pere for, you know, some more questions and some more details: let's take a quick look at a reference design. Now again, people use different names, but typically, broadly, if you take a virtual CPE you can classify them into two buckets: something called a thin CPE model, something called a thick CPE model. In a thin CPE model, what you have is essentially a device, call it a NID, call it an interface, whatever it is, a network interface that essentially encapsulates all of the traffic from the customer side and shunts it over to the data center, where in the data center you now create that composable services model. In a thick CPE device you actually have some processing compute capabilities sitting out at the edge, at that customer side. Typically people use these two models to provide services for either enterprise or residential. That's kind of a typical breakdown. It's not necessary that that be the case. You can find a thin CPE model in the SMB case and a thick CPE model in the residential case as well, if somebody's willing to pay that kind of money. But the point is made, which is you have two different interesting deployment models here, where, what I'd like to say is, in the way you compose those sets of services using these two models, it actually creates some interesting ramifications with respect to how do you place VNFs, how do you worry about the design, and so on. But we'll look at that a little bit later. But if you just take this broad reference model and say, okay, life's good, vCPE can be deployed, I can virtualize those network functions, and you see so many different references here in terms of people either announcing vCPE service or trialing vCPE service and saying, yeah, this is available, please go ahead and use it. So then what is the problem?

So, Azhar made a nice description explaining what were the motivations for this transformation. What's the value? What's the value from a service provider point of view, and how they are going to transform their business, offer more services and minimize their cost and operational efficiencies, and how from a technology point of view the vendors that are going to create network functions will enjoy a marketplace, and so on. So everything looks good, and based on the discussions that are going on in the industry, deployments are happening, lots of references, everybody's betting on that. We've been working with Red Hat with some customers, creating nice NFV solutions for call centers, for vCPEs, and so on. But then we started working together and we started to say, okay, so there has to be a problem, because somehow what we are seeing is that adoption is happening, but not at the pace where everybody would like to see it. And how big is the market? So we started to try to understand what was going on. So I said, let's size a little bit the problem on this new transformation from buying hardware appliances to transforming into this NFV world, and see what are the fundamental problems that we need to focus on as an industry in order to make the adoption faster and more successful. So the first thing is about, okay, we are going to migrate from dedicated boxes to VMs or to some sort of compute infrastructure. Let's size it. Let's see how big the market would be and how many servers and instances we would have. And the reference design that Azhar was presenting was based on what would be a very simple vCPE deployment, where you have, let's say, one or two virtual machines per vCPE; a lot of times one is to provide the routing and security capabilities, the other is to provide the VPN capabilities, and they essentially map to an existing vCPE. So we said, okay, let's size it. Let's see.
Let's check just a few major countries, in this case China, India, Europe and the United States. And let's see how many houses, how many households do we have in those countries. And note that this is not the whole world, it's just a portion of the world. I said, what if you would have 10% adoption of vCPE solutions, 30% adoption, 50% adoption? What if you would use two VMs per CPE? And then you say, well, what if I could pack 100 VMs per server, which, I mean, this is a relatively dense deployment, and it boils down to a relatively large number of servers: 2 million for a 10% adoption and up to 10 million servers for a 50% adoption. Those are a lot of servers and those servers are expensive. So we'll touch upon that.

Then the other dimension is, okay, so this is an NFV cloud; packets need to come in and out. So what's the bandwidth? What's the packets per second? What's the network traffic that those servers have to handle? Because if I move from a dedicated appliance, which, let's say, 24300 gigabit links, to a server that handles the bandwidth, how much do I have to pump into each server in order to create a proper solution? And same numbers, and now we say, well, what if we would like to have 10 megabit CPEs, which nowadays is a fairly standard or low-end connectivity, or you would like to have 100 megabits per second CPEs? What if I would like to have one gigabit per second CPE? And then
project different options, 10, 30 and 50 percent, and it boils down that a server would have to handle between 500 megabits per second and 50 gigabits per second. On the lower side of the scale, we are there; I mean, handling 500 megabits per second and even 5 gigabits per second is not a big deal. On the 50 gigabits per second, then some technologies get you there, and we will discuss a little bit more about that. But it becomes kind of the second component that needs to be considered. So if you look at it like that, you say, well, based on the number of servers, we said that for a 30, 50 percent adoption you would have up to like two to ten million servers. We are saying that probably this industry is bigger than all the cloud service providers combined. Wait, if you translate to $5,000 per server, it would require at least a 50 billion dollar investment on servers to make NFV happen. And if you think of it like that, you are saying, well, is this going to happen? I mean, well, we have to figure out something else, in the sense that if we just take it as a transformation from physical to virtual, if we just take the kind of obvious aspect that we would say, we'd like to instantiate VNFs on demand, we'd like to have easy operations, we'd like to have APIs and automation and so on, all these are great things. But there is much more when you go from an industry that has been working in a specific way for 20 years into a new way. It's not just projecting exactly the same way of thinking, the same way of managing and understanding the concepts that you have in the old way into the new world. You have to start thinking:
yes, it's a good model, it's a good reference, because they can't project my business and I can't carry my customers with it, because the customers understand the services that I was projecting in the old world. But as I move them into the new world, it's not only to move them into the new world, it's to make them understand that there's different ways of making things that may make the industry more viable. So we'll discuss a bit more about that. And now we were discussing with us, well, that's it, I mean, this is more or less the sizing. But then we started working with service providers, and service providers, they want a little bit more, right? Because when they create a deployment, it's not just to provide you routing and VPN capabilities, because otherwise I wouldn't monetize it. They ask usually for a little bit more. So what do they ask for?

So, you know, that's so true. You know, when you give flexibility to service providers, they'll look at it and say, hey, why do I have to just live with, you know, these two packages that you have? Why can't I just now separate everything out and create this composable service model that you talked to me about? Now let's take an enterprise branch. In an enterprise branch, what are the different types of things that go on purely from a network, I'm not even going to talk about the different applications that run, purely from a network and network connectivity perspective? You have WLC, wireless LAN controllers, you have some network functions such as DHCP, DNS, firewall, right, you have some directory capabilities that are sitting there, you have some IP PBX systems for voice over IP things, and then of course you have the routing function. Now purely from a network standpoint, these are the things that run. That's how many VMs we are already talking about. So the earlier assumption that Pere made was two VMs per site, or per branch, or per customer. There you have it.
You just blew it apart by having four or five different. Now when you actually run these on different pieces of hardware today, you now need to collapse them down to, you know, general-purpose hardware with multiple VMs on that hardware that provide you all these types of capabilities. And then there's this concept of converged branch that's going on quite a bit. You know, if you're an enterprise you understand exactly what I mean, and if you're a service provider, you know what the opportunity is sitting in front of you. So you need that set of virtualized capabilities now to run on these general-purpose servers. And so you take away the assumption of those two VMs per server per customer, now to what, five, six, seven, that may be put together or stitched together on a per branch. Now how do you actually take that set of VMs and stitch them together? What is this capability? Well, you can do some sort of static mapping, and you can say, hey, I have a data flow that I need to use, and I'm going to create what is called a service function chaining to follow that particular data flow.
So that means a packet needs to be, you know, marked with some QoS here, some traffic shaped here, and then, you know, run through a firewall and then delivered here. That's kind of a topology-type mapping, where you have a data path, you have a fixed data path, and based on some capabilities you're going to insert a new node into that data path. And so you do a service insertion associated with that particular data path. You could also do a policy context in there. Why? For example, you notice something weird that's going on in your network and you suddenly want on-the-fly changes to that particular data path, to say, hey, because I saw something that was going on in my network, I'm now going to do some more deep packet analysis, so a better understanding of what's going on, so that I can take action on it, whether it's a security threat or whether it is some other capability in terms of, you know, subscribers complaining that this is not happening. Well, if you add those capabilities, whether you do this at a branch level, whether you do this inside a data center for all those customers combined, you can actually do a policy-based type of insertion architecture in terms of service function chaining there. What does it do to the model? So if you actually take a look at all of those different kinds of services, here's a laundry list that comes up: virtualized firewall, application load balancers, intrusion protection capability, SD-WAN, virtual routing, email, subscriber services, DNS, DHCP, NAT, blah blah blah and blah. Each of these, some of them may be bundled, some of them may be running independently. Now you have to have the infrastructure that's capable of providing these types of services that can be stitched together into a service function chain, to be able to deliver that virtualized CPE capability or that service that you need from an end user perspective. So based on all of these, what does the architecture look like?
Let's take a quick look at that particular architecture. Well, we can redraw the picture and we could say, hey, it was very, very simple. We have that particular one server sitting out in the site, and then we had this, you know, some capability in the cloud that says, oh, I have some VMs associated with a subscriber, I'm going to put those VMs there and pass my traffic through them. Well, now you need classifiers. You need packet handlers. You need the ability to actually stitch those packets going from left to right across, and route those packets based on the different kinds of capabilities. And if you take the residential services example, you need quota management, you need firewall, you need parental control, and so on. So all of these capabilities then need to be stitched together in terms of that composable service model, whether you're doing it for virtual CPE or whether you're doing it for, you know, virtual PE. What do they mean from an OpenStack infrastructure perspective? More VMs, more, you know, functionality, higher scale, higher bandwidth. So then, Pere, how do you go resize this?

Yes, so if you see this reference design, we could count easily one, two, three, four, five, six, seven, eight, nine, 10, 11, 12, 13, 14, 15 VMs. So let's be conservative. Let's do the same exercise as before. Let's try to assume, let's say, six virtual machines per service, and let's do the same as before. Let's look at certain countries, the households, and let's look at 10% penetration, 30 and 50. And you start seeing that the number of servers needed, if you could pack 100 VMs per server, starts to be like 6 million for a 10% penetration and 31 million for a 50% penetration. So it's kind of difficult to start thinking that those numbers will make sense from an industry point of view. So if these numbers were true, I mean, you think, what's the size of the pipe, what's the size of the industry? How much money will people spend on these environments?
And it's like it's going to be a 150 billion dollar investment. So it's not going to happen. I mean, the whole premise about migrating from existing hardware-based appliances, the existing world, into a virtualized world, it was about operational efficiencies. But there were some capital expenses that have to be minimized. So the idea is that the current approach where we are going, in terms of how to transition the industry from traditional appliances to an NFV market, has to be refit a little bit. So we were saying, okay, let's look at what ideas do we have to provide in order to make that happen. And these are the areas where you say it's not only how to go to a whiteboard and design an architecture on how we are going to solve the problems, from automation, for service delivery, for service creation, to create a marketplace, to create a way that we are going to monetize the service providers and so on, but rather it has to be: let's design it in a way that the business aspect, the cost, the sizing of the system go together. And as you see, we discussed that there are three main pillars when we start exploring solutions, to say, okay, when we go beyond the current state of NFV, that is, let's say, some early deployments, some successful early projects, but what's going to happen when the industry migrates to 5G, let's say, when the next big spend on infrastructure is going to happen, and where people are going to start saying, okay, now I'm going to have tons of bandwidth coming from different devices, and something that is going to drive this transformation in a more aggressive way. So we have to look at it in these three pillars.
Basically, first is bandwidth: you are still talking networking, regardless if you add security or intrusion prevention or email scanning and things like that. We're still moving, that is, about data in flight. The second is from an architecture point of view. We have to figure out: is moving everything into the public cloud the way to go, into the public cloud or the NFV cloud, or is keeping everything at the edge the way to go, or is it a hybrid model? And we'll discuss a bit more. And the third, that we touched upon before, was density. It's like, how do we make this happen in an effective way? Do we stay with VMs? Do we go to containers? Do we do something else? So I'm going to go a little bit one by one and give a high-level discussion about the topic, and I'm very curious about the opinion of the audience, and after the presentation, please, you're welcome to contact me and discuss. I would like to understand your opinions.

But essentially let's start with bandwidth. On the bandwidth you have two kinds of trade-offs. The first one is, do I want the thing to just work, because basically I take the Linux kernel and all the capabilities that go into the Linux kernel, with or without SDN vendors and NFV vendors that use it, or do I take specialized frameworks? And what's the complexity in terms of operations, in terms of upgrades, in terms of managing those two components? And I have to manage this tension. In there you see a lot of very interesting initiatives like FD.io that essentially touch a lot of capabilities and features at the high performance, based on DPDK, but again it's kind of a networking bubble, a little bit alien to the Linux kernel. Then you have initiatives like XDP, BPF, IO Visor that are emerging as a way to evolve the Linux kernel in terms of programmability, flexibility, and not only from a networking point of view but even going beyond networking, and at the same time promising the performance that the DPDK-like frameworks offer. That's another approach.
It will take some time to mature, but it's an interesting aspect that aligns more with the kind of Linux community. Then of course there is the current, probably most adopted aspect in terms of NFV solutions today, which would be kind of OVS, that was born in the Linux kernel, or was born as an entity that runs in the Linux kernel, but kind of crossed towards the DPDK aspect for NFV. And then you have other solutions like a lot of P4 on SmartNICs. There's a lot of vendors that created solutions that run in hardware for valid reasons: for performance reasons, for crypto reasons, for compression, for certain accelerations that may require things beyond just x86 cycles, or because you want to have isolation, you want to contain the network capabilities within a domain, the SmartNIC, that has some programming aspects and is separated from the workloads, because maybe this is a secure thing, that the workloads have to be separated from the networking policies, and of course the tying to SR-IOV. So all this, when you are a service provider that has to pick a solution, there are trade-offs, and there are trade-offs in terms of capabilities, performance, programmability, network only versus going beyond networking, and availability today versus availability one year from now, one year and a half from now. But this is something that you have to consider when you want to create a solution for cloud that scales.

The second is about architecture. As we said, there was thin CPE, thick CPE. But now if I have a CPE solution where all the traffic goes to the cloud, to the NFV cloud, now am I consuming bandwidth just to go in and out? What about if I have an office that has multiple locations, and I don't want to go to the public cloud, to the NFV cloud, in order to come back, because I want to have my printer traffic go point-to-point, or my voice traffic, or my video traffic? So should I explore
some hybrid model, what we call a tethered CPE, which is a CPE that you can push some capabilities into? Should we consider things like AT&T's uCPE, universal CPE, where I can push VMs into the CPE in a way that I don't have to have all the footprint of the VMs in the NFV cloud? Or should I consider different things, like what is networking in the future? Do I need to understand I need VPN services, I need routing services, I need something else, or do I provide a policy that my office A can talk to my office B and traffic is going to be screened based on something else? Should I change the paradigm of networking from a definition point of view?

And about density, now there is a lot of hype towards containers. Basically the obvious one that has to happen is happening; we are all putting a lot of effort on making it happen. It's this notion of saying, okay, I could use VMs, but I could use containers, and just the memory footprint going from VMs to containers would be a huge improvement from a density point of view. But is it enough? As you saw, let's say, the numbers that we are showing, 40 million servers; even if you cut them by 10 or by 50, there are still a lot of servers. So should we start envisioning something else? Like, there's a lot going on in the cloud world with what now is called serverless computing, which is nothing else than essentially having functions that don't have execution threads; they are just ready to run when an event that affects them triggers them.
Well, networking is similar. I get packets, I get connections, and I have to perform something. Do I have to have VMs and containers always running and consuming memory and execution threads, or should I have a set of functions that belong to certain tenants, that are going to execute when a packet comes? So a lot of innovation, a lot of discussion is going to emerge on these things. But just to finish, I think Azhar will get a little bit deeper, but what we've been doing is essentially integrating Red Hat solutions and PLUMgrid solutions in order to deliver the best of breed that we can do today. And this is an industry that is moving very fast. And we should always remember that it's not about what will come two years from now, three years from now, five years from now; it's about how do we transform the business one step at a time, how do we move the operational aspects, and we prepare for the future while we keep working very hard on the problems that we exposed today. So maybe you want to talk a little bit more about the solution that we have together?

Yeah, I think so. I think Pere laid out really, you know, the three different aspects, which is extremely important. Now, how do you take that and actually build a framework around the whole thing to deliver a complete solution? So we worked very closely with PLUMgrid to come up with, hey, there are aspects to managing the networks, tenants, you know, overlay, underlay and so on, and then there's an aspect to actually creating that particular infrastructure
that's highly scalable, highly flexible. So if you take, for example, Red Hat OpenStack Platform, that allows you to actually build that particular infrastructure, automate that using something like Ansible, manage that whole life cycle using something like CloudForms or ManageIQ, and all of these are by the way hundred percent open-source projects. And then work with the enhancements that PLUMgrid has done in the context of creating, you know, the connections, managing the fabric, managing the overlay, creating that service chain, because remember, when we talk about these different kinds of VMs that each provide a service, you need the ability to stitch them together based on policy. I think he raised a very interesting point here in terms of when you move to containers. The networking paradigm is going to shift a little bit. Why? Because now you have a lot higher density than a hundred VMs per server. Now you need the ability to actually manage so many more connections and route packets through so many more different, you know, paths that come through. So you need that forwarding capability, you need that, you know, functionality that can be integrated together to build a solution. So we've worked actually quite a bit in terms of optimizing and working through; Red Hat provides hundred percent open-source software and supports it, and PLUMgrid now also has, you know, open-source capabilities that they have actually worked with us to enhance and integrate and take that solution and build it further.

So, wrapping this whole thing up: the NFV market is real. 5G from a mobile perspective is one of the potential drivers. We didn't even discuss that over here, by the way. We only talked about virtual CPE and we only talked about virtual PE briefly, and so on. If you apply the same capabilities to the mobile environment, now you have virtual EPC, the evolved packet core, and now imagine a whole set of mobile routers sitting out there, or
mobile devices that are sitting out there, in the context of IoT, in the context of 5G deployment services. That's just going to complicate the matter even further, and you need all of those design criteria and capabilities that Pere spoke about. There are still a bunch of unresolved problems. We need to look at them. We need to understand what that particular architecture is and get involved from a community perspective in terms of development, provide features. If you attended the keynote, you know, there was an interesting point of collaboration that was brought out, something called VLAN-aware VMs, a feature that's coming in Newton. By the way, how many of you knew that VLAN-aware VMs or private VLAN capability is something that has existed for about 15 years, and we didn't have that feature? It's only coming out in Newton. How did that happen? Well, people understood, well, if you were going to use the OpenStack infrastructure to deliver these kinds of services, you need these types of capabilities. So the more people are involved, the more they're looking at these different deployment models, the better it becomes and matures over time. There is no universal solution. There is no single solution that fits all. There's no one yardstick that can measure everything, in terms of each one of the requirements are different, each one of the capabilities that people need are different. So you need to be able to pick and choose what you need to deploy, how you need to deploy, build that service and deliver to your customers. VNF vendors are providing some interesting solutions. There are still some challenges associated with them. Multi-tenancy may be one of those issues; scale, hyper bandwidth is another issue. And we're working together to provide some solutions and onboard those different VNF types so that we can actually provide functionality and capability across this. And the last, I would say, is: try it, right?

Yes, absolutely. I mean, there's nothing like deploying an environment to understand how it can help your business and what challenges are important to you and how to start working on addressing them.

Questions? Wow, the topic was clear, or it was clear as mud. That was a joke. Thank you. Thank you.