Control Plane Elasticity & Virtualization in the 4G Core

(1)

White Paper

Control Plane Elasticity &

Virtualization in the 4G Core

Prepared by

Gabriel Brown

Senior Analyst,

Heavy Reading

www.heavyreading.com

on behalf of

www.amdocs.com

(2)

HEAVY READING | MAY 2013 | WHITE PAPER | CONTROL PLANE ELASTICITY & VIRTUALIZATION THE 4G CORE 2

Control-Plane Virtualization & Service Agility

To drive a lower cost of operations, scale networks elastically and increase "service velocity," leading mobile operators are pursuing Network Functions Virtualization (NFV) strategies in the 4G core – covering both data plane elements such as packet gateways and the "intelligent control plane," including policy servers, subscriber databases and IMS applications.

While NFV in the 4G core is initially focused on improved cost of ownership, control plane virtualization also offers service model and service agility advantages to mobile service providers.

This white paper will identify which 4G core applications are the best candidates for virtualization and can be abstracted from hardware to run on carrier cloud infrastructure. It will discuss key use cases and argue that service innovation and agility is fast becoming as important a driver for virtualization as cost-efficiency. The conclusion will identify emerging best practices in the area of virtualization for mobile operators, with specific reference to the 4G core control plane.

The 4G core, based on the Evolved Packet Core (EPC), is a new, or recent, investment for mobile operators. This makes it one of the most attractive parts of the network to virtualize and offers operators an opportunity to create a new, service-oriented "foundation architecture" that can be extended in the future.

Drivers for NFV: Speed & Elasticity

Mobile operators are pursuing virtualization strategies in order to prepare their networks for future workloads and business models. Inspired, and perhaps chas-tened, by the flexible, elastic approach to networking being developed in Internet and cloud providers, operators see an opportunity to leverage this technology to reengineer the classic nodal deployment model.

However, there are differences between mobile operator networks and those of Internet and cloud providers. Mobile networks are inherently distributed, can be very large-scale, are multiservice and have specific reliability and performance requirements. To address the unique nature of telecom networks, operators have formed the NFV group within ETSI to develop the requirements, frameworks and processes needed to commercialize the technology.

For mobile operators, the motivations for 4G core network virtualization can be summarized as follows:

 Separate software from hardware. One goal of NFV is to break the link be-tween a logical function and hardware. This software-centric approach means that performance, scalability and feature development can be decoupled from slower hardware development cycles.

 Elasticity and rapid scaling. With virtualized applications, operators can scale resources according to demand and to the requirements of specific use cases. There is less need to overprovision hardware initially.

 Increase service velocity & agility. With software-centric networks, opera-tors can create virtualized core network instances that are suited to spe-cific customer types, use cases and traffic models. A service definition and "workflow" can be rapidly configured in software to meet the needs of a specific enterprise, for example.

(3)

Virtualization, SDN & Cloud

NFV is closely linked to two other major transitions in networking occurring at the same time: cloud and software-defined networking (SDN). Although the three are linked, they are also distinct from one another. Virtualized core network

applica-tions can deliver benefits independently of SDN, for example. Figure 1 summarizes

each technology.

In the 4G core, there is a strong argument to virtualize network functions ahead of implementing SDN. Starting with control-plane functions – IMS, HSS and policy servers, for example – operators can realize the cost saving and programmability benefits of virtualization in the relatively near term.

As the operator looks to define and develop a broader SDN and telco cloud strategy, virtualized applications can be ported over to that environment. In this sense, the virtualized 4G core becomes an application on an SDN network. Thus NFV is decoupled from SDN and cloud, but ultimately operators will benefit from tighter integration over the longer term.

The 4G Core & NFV

Because it is a relatively new investment, the 4G core represents an opportunity to create a foundation architecture that will scale over the long-term. And because LTE formally separates the control and bearer planes (it is sometimes called an "SDN-like" architecture), virtualization of these functions is viewed as attractive.

Figure 1: Virtualization, SDN & Cloud Infrastructure

NFV An operator-led initiative to decouple network applications from hardware

platforms to benefit from the economies of scale in the data center server market.

Specifically, NFV is about reengineering network functions to run as virtualized applications on x86 COTS servers.

NFV can be considered part of the application layer in an SDN network. But NFV can also be used on top of a "classic" IP network without an SDN.

SDN Centralized "SDN controller," which maintains a global view of the (IP) network;

appears to the applications and policy engines as a single, logical switch. An SDN is managed and manipulated at an abstract level through its north-bound API.

Applications use the northbound API to specify how they want the network configured for their specific latency, security, SLA, routing, etc. needs.

CLOUD Automated IT infrastructure (compute and storage) running today in large,

centralized data centers.

Potential to create a distributed cloud by extending compute and storage to central offices and base stations.

Based on x86 hardware and managed with a cloud automation platform ("cloud stack"), which includes a virtualization layer, an orchestration layer and an API for manipulating cloud resources.

(4)

HEAVY READING | MAY 2013 | WHITE PAPER | CONTROL PLANE ELASTICITY & VIRTUALIZATION THE 4G CORE 4 Identifying which mobile core functions are the best candidates for virtualization is

a judgment on which applications are technically suited (i.e., easier to do) to abstraction to generic x86 servers and are most pressing for operators. This is complicated because different operators have varying priorities and pain points. Many operators have already made EPC deployment decisions, or need to do so in the near future, and cannot wait for technology that today is still in the proof-of-concept or prototype phase.

A way to think about virtual EPC, therefore, is a series of steps toward a target architecture where, over the longer term, the entire EPC is virtualized. Four of the key early opportunities are described below:

 Focus on the control plane. Control plane applications are server-based, which makes them well suited to virtualization. Engineered systems, run-ning on IBM, HP and ATCA, dominate today, but vendors are rapidly port-ing applications over to a virtualized environment. Subscriber databases, HSS servers, policy servers, IMS and perhaps MMEs can lead.

 Gi Services LAN. There are a number of "inline services" deployed on the Gi/SGi interface between the packet gateway and the Internet that are good candidates for virtualization. Examples include DPI, NAT, content fil-tering, charging gateways, video optimization and firewalls. The intent is to reduce the sprawl of boxes in the data path and be smarter about how and where service flows are processed.

 Extension to a "classic" EPC. For operators that have already deployed S/P-GWs and MMEs and have a stable architecture, or the large number of operators about to deploy a classic EPC, virtualization offers potential to extend the EPC core with additional server-based EPC instances, either for capacity reasons, or to support specific use cases or customer types.

 Parallel EPC. Deployed alongside a classic EPC, operators may choose to deploy a parallel core for use cases with specific traffic models, security requirements and so on. Machine-to-machine, public safety and MVNO services are examples. A parallel, virtual EPC can be used with RAN shar-ing to create a separate core network.

Categories of Virtual EPC Functions

The 4G core (i.e., the EPC and surrounding applications) is not a monolithic entity,

but is made up of many interworking applications. Figure 2 on the next page

identifies three broad categories of 4G core functions that might be virtualized: the control plane (yellow), the data plane (red) and the services LAN (blue). The initial focus is on the control plane. Policy servers and subscriber databases, for example, are already server-based, and most vendors are now working to port their applications to COTS servers and VM environments. The application layer and control layer in IMS is also relatively well advanced. A number of vendors will offer IMS on COTS servers this year, and progressive operators are planning to use virtualized Telephony Application Servers (TAS) to introduce VoLTE in 2014.

IMS is a good example of where virtualization makes sense because it is a new investment for mobile operators and will take time to grow. By contrast, a mature MSC server from the 2G/3G voice core would not be a prime candidate as there would be a lot of work, and not much to gain, from virtualization. This principle of new applications being better suited to virtualization is important.

(5)

HEAVY READING | MAY 2013 | WHITE PAPER | CONTROL PLANE ELASTICITY & VIRTUALIZATION THE 4G CORE 5 Another area of near-term interest is so-called "Gi-LAN services." These are

func-tions deployed in the "services LAN" between the mobile network and external services (and even the operator's own cloud services). To reduce complexity and latency, operators have moved to consolidate Gi functions into fewer boxes (sometimes the P-GW itself). More recently, however, a new trend toward ab-stracting these functions to run as virtualized services in the telco cloud has emerged. Some of these applications (video optimization, parental control and ad insertion, for example) are more suited to virtualization than others.

The data plane is perhaps the most challenging to virtualize from a performance perspective. Packet gateways, in particular, can deliver greater performance using specialized packet processing hardware (for example, based on a router). This can also apply to DPI boxes and firewalls where throughput is also important. However, even in the data plane, there are initiatives from vendors and operators to virtualize these functions to run on COTS servers.

Service Agility, Programmability, & Policy-based "Workflows"

Virtual EPC is, in the first instance, driven by a desire to break the link between logical functions and the underlying hardware to save money and, in particular, to reduce opex. An equally important attribute of software-centric networks,

howev-er, is programmability, and how that enables service agility.

The ability to configure and scale infrastructure, and to program "workflows," in software, according to the use case or customer type is critical. It gives operators much greater scope to diversify their service offers and to address a greater part of the market more quickly.

The idea is to program virtualized instances of the EPC (and related services) according to different service definitions, which incorporate traffic models, mobility profiles, policy and charging, security requirements and so on. This is

presented in Figure 3.

Figure 2: Virtualization In & Around the EPC

(6)

HEAVY READING | MAY 2013 | WHITE PAPER | CONTROL PLANE ELASTICITY & VIRTUALIZATION THE 4G CORE 6 In each scenario, a service definition is created for each user type or application,

and a workflow is configured accordingly. In some cases, the user would be highly mobile and consume a lot of bandwidth, and thus require a particular EPC, traffic management and security configuration; whereas another type of service may be more static and predictable, and thus require a different workflow configuration. Where previously operators would have to introduce services on a network-wide basis, and upgrade cabinets of hardware to do so, the software-centric model is tailored to the customer. In this way, virtualization helps to increase the size of the operator's addressable market.

In addition, programmability also allows the operator the ability to virtually partition the network infrastructure to support different use cases and scale virtualized core instances up or down as demand requires. This is discussed in the following section.

Figure 3: Service Chaining & Workflow

(7)

Virtual EPC Control Plane Use Cases

This section identifies some key use cases enabled by virtualized control plane elements such as PCRF and HSS. In each case programmable workflows, service partitioning and elastic scaling play an important enabling role.

Use Case 1: Multitenant Core Networks & MVNOs

One of the primary use cases for a virtualized core is the ability for a multinational operator to be able to support individual national operators from centralized data centers. The model also works for MVNOs, and to a degree holds for very large

national operators with regional operations. The concept is shown in Figure 4.

A multitenant core network will be a hybrid of (virtualized) centralized and local elements (possibly virtualized), with the split of functions determined on a case-by-case basis. In some operators it might make sense for SBCs and packet gateways to be located in the local market to enable local routing and break-out, whereas application logic and control-plane functions could be located centrally.

An example of a service that could be located centrally would be RCS. This is a non-real-time messaging service that would benefit from the economies of scale of a centralized deployment in the same way as over-the-top services such as Whatsapp and Facebook messenger do, because it is expensive to replicate in local, low-volume markets. In many smaller markets, moreover, a pay-as-you-use investment model would also be more appropriate for a service with speculative chance of success, and that will take time to build substantial volume.

Figure 4: Multitenant Core Networks

(8)

Use Case 2: Enterprise Services

Another use case that highlights the benefits of a virtualized core relates to enterprise service offerings. A typical large enterprise would have its own require-ments (e.g., in terms of policies, security, etc.) and very likely several different requirements for different user groups.

A car manufacturer, for example, may require network services to collect teleme-try data from vehicles, to deliver software updates, or to stream audio or video entertainment to vehicles, as well as needing standard employee connectivity. Four different use cases, each with different workflow requirements, from the same

large enterprise customer (in this case a car manufacturer) are shown in Figure 5.

Using virtualized core instances, the operator can scale resources on-demand for this customer and offer the appropriate "in-line services" (security, optimization, etc.) for each use case. For example, in-vehicle entertainment services (such as streaming audio and video) will consume significant bandwidth, will likely benefit from traffic optimization and caching, and might be charged for in a way particu-lar to content services.

Collection of vehicle telemetry data, on the other hand, would typically be low-bandwidth and predictable. But on occasion – e.g., if a software patch needs to be urgently distributed – the elasticity of virtualized EPC would mean the operator could provide the customer with "burst capacity."

A virtualized control plane enables these use cases because of the role the control plane plays in orchestrating policy, and because being virtualized itself, specific instances of the HSS and PCRF can be created for the customer type and use case.

Figure 5: Service Definitions & Workflows (for Vehicle Manufacturer)

(9)

Use Case 3: M2M Services

Another proposed use case for virtual EPC is for machine-to-machine (M2M) services. This type of network-as-a-service offering to M2M companies represents a new business model for operators.

The logic is that M2M has a traffic model different from "normal" services, in that it is often transaction-oriented, predictable, low-throughput and can be time-of-day dependent (e.g., to check stock levels on vending machines at midnight). This use case can be supported on standard infrastructure, but may be better suited to a virtualized core instance that is configured for the particular traffic model.

Because M2M traffic is often not delay-sensitive – although in some cases, such as healthcare monitoring, the opposite may be true – it is an opportunity to experi-ment (i.e., innovate) with virtualized EPC. The main "production network" operates as normal, while the M2M traffic is split off at the RAN level and is processed in the new virtual EPC, which is configured according to the demands of the service. In this way, operators gain experience with the model with a lower risk of disruption to their mainstream services. As the technology matures over time, it will be able to move more services to the virtualized environment.

Use Case 4: Public Safety

Another example of service partitioning using virtualization is public safety. Rather than build dedicated private networks, it is now deemed more attractive for public safety agencies to share radio access networks with other agencies, and in some cases with commercial carriers. They benefit from better coverage and stay much more closely aligned with technical progress in the commercial market, instead of being restricted to the rate of change seen in bespoke private systems.

Figure 6: vEPC for Machine-to-Machine Services

(10)

HEAVY READING | MAY 2013 | WHITE PAPER | CONTROL PLANE ELASTICITY & VIRTUALIZATION THE 4G CORE 10 Public safety agencies, however, continue to have specific security and

perfor-mance needs. Although multiple agencies (fire, police, ambulance, etc.) would share the access network, each would need their own interoperable core networks. This makes the ability to offer "customized" virtual core network instances a high-value activity.

Virtualized core network instances running on commercial server platforms could provide a good solution to "core-network-in-a-box" solution often proposed for public safety agencies that have a limited number of users, but requirement for

specialized functionality.

Given that emergencies, by nature unpredictable, will be at different times and locations, and that a public safety network would need to be able to support a sudden increase in capacity, a virtualized core network hosted in the cloud would in theory be attractive because of the way it is able to "scale on demand."

Because multiple agencies are operating over a shared access network, there is a need to prioritize users, and to ensure QoS for critical applications such as VoLTE. The ability to do this dynamically for this inherently unpredictable environment is vital.

The challenge is that public safety is not a use case where it is acceptable to experiment in a way that increases the risk of service disruption relative to a "classic" core network deployment. This makes a progressive approach to core virtualization attractive, and again highlights the logic of starting with control-plane functions.

Key vEPC Features for Public Safety

Elasticity: To adapt to the unpredicta-ble demand associated with emer-gency and first-responder use cases

Dynamic QoS & Prioritization: To ensure key services and users are prioritized during emergencies; especially valuable in shared access networks

Custom Configuration: Agencies have specific use cases and security requirements that require custom configuration of the vEPC instance

(11)

Challenges to Virtualized EPC

Applications Written for the Cloud

To deliver the programmability and scalability benefits associated with virtualiza-tion, it is becoming clear that applications "written for the cloud" will work better than a straight port of an existing application to run in a VM environment.

Applications (network functions) written for a VM environment would use a modular software architecture that can scale according to the use case and traffic model. For example, a policy server that makes extensive use of in-memory caching that can scale the storage module independently of the policy decision (compute) module will be more flexible than a monolithic port of a traditional policy server. Similarly, in an IMS deployment to support VoLTE (a stateful service), a TAS that can scale the state control module independently of the transaction module will scale more flexibly than a monolithic TAS application.

This need to rewrite applications for a VM platform varies by vendor. Many are already a fair way along the journey, but this is, nevertheless, a disruptive factor in the transition to virtualized EPC.

Performance & Reliability

Telco-grade platforms exist for reason: Operators demand, and need, high-availability equipment to minimize outages, with the performance to handle telco workloads. It will not be acceptable to deliver virtualized implementations that are less reliable than today's core networks. The adage that "you can't run 'five-nines' applications on 'three-nines' hardware" exemplifies this.

Server technology from the IT world has not historically been able to deliver required reliability or performance. In the mobile core, and especially in the bearer plane, vendors have been able to differentiate on the platform and its underlying performance. This has, in fact, been a key determinant of competive-ness over the years.

The challenge is how to deliver performance and reliability in a virtualized envi-ronment. Working in favor of NFV is the belief that off-the-shelf servers will improve in price/performance at a rate faster than engineered systems will improve. In the control plane, this is almost a racing certainty.

Reliability also speaks to the type of cloud infrastructure on which virtualized core network applications will run. The private telco cloud – owned and run by the operator – is deemed more suitable for carrier-grade

telco applications, and at this point is the preferred platform for NFV. If telcos are investing in cloud infrastructure for their end users, they can use this same platform for NFV – so the theory goes.

More broadly, it is becoming apparent that software is the solution to being able to run high-performance

applications on unreliable, commodity hardware. This highlights the importance of the management layer and the value to operators of better, more mature tools on which to run virtualized network functions.

Software is the solution to

running high-performance

applications on unreliable,

commodity hardware

(12)

Management & Orchestration

The process of provisioning compute resources according to the needs of the applications running in VMs is one of the biggest challenges to implementing NFV. "Elasticity" depends on the network and application being able to call up re-sources as needed from the cloud. For critical NFV applications, the network must know – for certain – that resources will be available on demand. This places great responsibility on the cloud management (orchestration) layer and its interaction with the network and applications.

Orchestration is independent of the virtualized applications. In practice, however, the application must interface to the management layer to be able to call on additional resources in a timely manner. Therefore, a critical decision for any NFV strategy is which resource management layer the operator will use.

Operators are rightly wary of being locked into a single vendor of management software, and different operators will select different platforms. This means that application software will need to interface with several different cloud manage-ment layers, and be hypervisor-independent. Many operators are using VMware today, but some larger operators (and larger vendors) are developing their own platforms based on Openstack.

NFV & Organizational Models in Telecom Operators

Traditional telecom networking skills and operating procedures have served operators well and are embedded into the organizational fabric. Purposefully disrupting something that works well is not easy. Many operators are now conver-sant with NFV and cloud at a high level, but most are a long way from being able to implement it at scale.

Typically some of the skill set required for NFV is found in the IT and data center groups running internal systems and supporting enterprise customers. These groups have experience of virtualization, but generally have little insight into the specific demands of network applications.

Aligning organizational assets, cultures and expertise/skills is therefore critical. The operators that have made most progress on NFV to date have, without exception, already made moves in this direction and expect collaboration between IT and networks to deepen over time. An organizational structure that champions software-centric network development is a prerequisite for NFV.

(13)

Conclusion: Best-Practice NFV in the 4G

Control Plane

Leading mobile operators are pursuing NFV strategies in the 4G core. While the initial driver is to lower costs, fundamentally the value of software-centric core networks is to provide operators with greater service agility and innovation potential so they can address and create new market opportunities more quickly. Control-plane applications, such as policy servers, subscriber databases and IMS, will be among the first virtualized 4G core functions to be implemented in com-mercial mobile networks. These applications are already server-based and are relatively straightforward to port to a virtualized environment. By starting NFV implementation in the control plane, operators are able to establish new architec-tures and networking models that will incorporate the entire virtualized EPC in the future, and in time play a role in broader telco cloud and SDN strategies.

Operators and telecom vendors must, of course, overcome a number of chal-lenges as they virtualize the core network. Technology remains immature, and there is little by way of real-world implementation and established best practices that operators can benchmark against and learn from.

With this in mind, we propose the following recommendations for operators evaluating NFV and its role in the 4G core:

 The goal at this stage should be to create a framework that allows the

NFV strategy to evolve, according to changing technology and commer-cial needs, and to new insight. There are many uncertainties; being able to adapt as technology and the market changes is critical.

 Create an organizational structure across the network, service platform

and IT divisions that enables, and champions, software-centric network development. Communication between divisions is a prerequisite for shar-ing infrastructure and processes, and to unlockshar-ing the benefits of NFV.

 Identify lead applications and use cases to prototype and commercialize

in parallel to the production network. Good examples include policy and HSS, the IMS applications layer and certain Gi-LAN services. Operators should think in terms of developing a hybrid architecture that comprises a mix of virtualized applications and classic, engineered systems.

 Ensure vendor roadmaps have clear and committed paths to

virtualiza-tion for any new equipment or major upgrades, and will be able to sup-port your chosen orchestration layer. Modular scalability is better suited to VM environments than direct ports of monolithic applications.

 Identify service opportunities and new use cases enabled by NFV, and

make this central to the strategy. Cost savings and efficiencies are valua-ble, but the programmability of software-centric networks and the ability rapidly reconfigure assets to support new use cases and services will also determine success.

(14)

Background to This Paper

About the Author

Gabriel Brown

Senior Analyst, Heavy Reading

Brown's coverage at Heavy Reading focuses on wireless data networking

tech-nologies, including Wi-Fi, 3G/HSPA and LTE, with reference to how these technolo-gies impact the wider mobile data services market. Brown has covered the

wireless data industry since 1998. Before moving to Heavy Reading, Brown was

Chief Analyst of the monthly Insider Research Services, published by Heavy

Reading's parent company Light Reading.

Brown was previously the editor of IP Wireline and Wireless Week at London's

Euromoney Institutional Investor. He often presents research findings at industry events and is regularly consulted by wireless networking technology leaders.

Brown is based in the U.K. and can be reached at [email protected].

About

Heavy Reading

Heavy Reading (www.heavyreading.com) is an independent research organiza-tion offering deep analysis of emerging telecom trends to network operators, technology suppliers and investors. Its product portfolio includes in-depth reports that address critical next-generation technology and service issues, market trackers that focus on the telecom industry's most critical technology sectors, exclusive worldwide surveys of network operator decision-makers that identify future purchasing and deployment plans, and a rich array of custom and consult-ing services that give clients the market intelligence needed to compete success-fully in the $4 trillion global telecom industry.

Heavy Reading

240 West 35th Street, 8th Floor New York, NY 10001

Phone: +1 212-600-3000