Ensuring end-user quality in NFV-based infrastructure Distributed NFV cloud nodes provide instant assessment of the end-user experience EXECUTIVE SUMMARY Compute resources for virtual network functions are becoming available not only inside data centers, but also on mobile base stations, access network devices, and dedicated rack nodes, providing cloud-in-a-box functionality. This trend is being accelerated by network functions virtualization (NFV), which can be implemented on cost-effective, general-purpose computing platforms. For efficient service assurance and troubleshooting in these distributed and virtualized environments, it is recommended to utilize virtualized traffic generation and measurement tools that eliminate field engineering tasks and save substantial hardware expenditures, thereby potentially reducing total cost by an order of magnitude. Offering such a toolbox, Netrounds is easily deployed at any remote location through ordinary NFV cloud orchestration. With minimal effort, and in just a few minutes, any organization can initiate instant NFV service chaining assurance or perform long-term, end-user quality assessment and monitoring, all in line with relevant international standards from ITU, IETF, and the Metro Ethernet Forum (MEF). Netrounds runs on Intel-based platforms that have the ability to dramatically accelerate packet processing, virtualization, and network function performance. INTRODUCTION Practically every IT professional, including network engineers, has embraced virtualization technologies these days. Network providers and operators, as well as enterprise IT, are now discovering the great benefits by virtualizing not only the actual servers in their data centers, but also the whole infrastructure, including resources for networking, storage, and compute. This is what NFV is all about. NFV and software-defined networking (SDN) are expected to make life easier and more efficient for network engineers by hiding the underlying complexity through abstraction layers. However, network complexity is still increasing exponentially, and problems that negatively impact the way users experience services are still likely to occur. Finding and fixing these problems is a challenge that has to be addressed. No service provider wants to spend resources on quality assurance and troubleshooting. But as long as problems occur, these efforts are necessary to keep and develop the business. So rather than completely cutting unwanted costs for service quality assurance, a preferred option is to find solutions that drastically reduce them. Netrounds enables substantial cost savings, thanks to: Elimination of hardware costs by using downloadable appliance software, suitable for NFV deployments Reduction of manual tasks through built-in automation support Enhancement of productivity from unparalleled ease of use Another important trend on par with NFV and SDN is the increasing momentum in the IT industry to use Software-as-a-Service (SaaS) rather than traditional on-premise software. The main drivers for SaaS have been alleviation of internal staff for platform maintenance, centralized management and access, and savings in up-front investment costs. Virtual Network Function-as-a-Service, or VNFaaS, is a use case identified by ETSI that combines Saas and virtual network functions (VNFs). ETSI had enterprise customers in mind as the actual end consumers of a VNF service, such as a virtual firewall. Likewise, with Netrounds, it is now possible for network operators themselves to become users and consumers of virtualized network testing and monitoring as a service. When it comes to professional service assurance and troubleshooting solutions suitable for telecom environments, there have not been any SaaS alternatives available on the market until Netrounds was launched. Based on a subscription-based SaaS offering, Netrounds transforms the test and measurement industry in the same way Salesforce.com did for customer relationship management (CRM) solutions more than 10 years ago. THE CHALLENGE In order to reduce churn, operators must deliver high service quality and performance to their subscribers. Consequently, real-time network performance metrics are needed to understand how quality demanding services such as IPTV, video conferencing, and unified communications are experienced by end users. One option for monitoring service level is to use the five-minute aggregate performance statistics available on network devices, but the output lacks granularity and does not correlate well with the delivered service quality. Alternatively, handheld or portable tools are better suited for measuring the end-user experience; however, they are built on custom hardware, making them very expensive and difficult to distribute in large-scale deployments. In a virtualized network, another complicating factor is the difficultly or possible inability to attach physical hardware test devices to a virtual switch. In addition, physical test devices are often tailored for a single service, like IPTV, making complete assessment and measurements of all offered services even more costly since multiple hardware devices are needed at each location of interest. Moreover, with handheld tools, there is a need for hands holding them on-site, which can result in substantial travel and personnel costs. Another consequence of the above is that it often takes several weeks before problems are diagnosed and fixed, leading to lower customer satisfaction and increased risk of churn. Therefore, operators need affordable tools that can be deployed instantly at strategic locations in their networks to quickly provide insights into the quality of the end-user experience. SOLUTION OVERVIEW Netrounds is a SaaS solution that provides IP network insight and on-demand traffic generation capabilities through the use of distributed x86 probe appliances and public cloud infrastructure for central control and storage. These traffic-generating probe appliances are suitable for bare metal machines as well as for virtual hardware. Figure 1 shows an overview of Netrounds system architecture. The components, labeled Netrounds Probe and Netrounds NFV Probe in the orange boxes, are in fact identical machine images. Figure 1. Overview of the Netrounds system architecture. By downloading and launching one or several Netrounds probe machine images on any x86 targets, a network engineer can quickly and conveniently work through Netrounds' cloud-based GUI/portal to remotely generate active test traffic to perform distributed troubleshooting tests and even monitor quality proactively over time (SLA monitoring). Traffic-generating probes can be located on any physical or virtual Ethernet port in the network for interactive testing in labs and during field trials with in-production monitoring. The probe image is a remote-controlled toolbox for network engineers. Tools included in the image support Metro Ethernet Forum and ITU-T Y.1564 service activation tests, and access security tests. There are also tools for IPTV MPEG analysis, synthetic traffic generation of IPv4/IPv6, and a full stack SIP implementation with both signaling and media streams. Netrounds traffic-generating probes are purely software-based, making them well suited as a VNF for test, measurement, and monitoring. Remote control Active test trafc Live trafc monitoring SOLUTION DETAILS Unlike traditional handheld devices and hardware network testing tools, Netrounds is a complete system. This means it has multi-user support, as well as a centralized server for providing a single location to manage a large number of distributed measurement probes, and to store and analyze measurement results. The centralized server also provides a software repository for automatic updates of all probes, thus alleviating internal IT staff from having to manually maintain and upgrade the embedded software. Netrounds uses public cloud infrastructure for hosting its centralized servers; and as a result, the service is always accessible regardless of location, as long as there is ordinary Internet connectivity. The solution is based on a multi-tenant model, which in turn allows for highly competitive pricing for accessing the service. For security reasons, all probes utilize encrypted communications for interacting with the server through a firewall-friendly scheme. Netrounds and its relation to SDN and NFVIn a completely virtualized world, there are no suitable physical interfaces where traditional test and measurement devices could be connected. Therefore, measurement devices implemented in software are required instead of their traditional hardware counterparts. As shown in the upper part of Figure 2, Netrounds NFV probe appliances can interface directly to virtual switches (vSwitch), such as Open vSwitch. Figure 2. Overall view of Netrounds and how it relates to SDN and NFV. An orchestrator component typically handles deployment of machine images onto compute resources in the NFV infrastructure, as shown in green in Figure 2. This orchestration is also responsible for launching Netrounds NFV probe appliances at requested infrastructure locations. Note that these locations could extend far beyond the data center to include network devices with available NFV compute resources, such as LTE base stations. Also shown in Figure 2, configuration and provisioning of network connections between virtual machines (VMs) or end hosts in an SDN environment are normally done by incorporating an SDN controller, such as OpenDaylight. The actual configuration of both physical and virtual switches is carried out over standardized protocols such as OpenFlow or NETCONF. In an SDN/NFV environment, a considerable portion of the bits is shuffled directly between VMs and VNFs without ever leaving the infrastructure. However, a real-world deployment still relies on an underlying interconnecting physical network built on hardware. Therefore, any test and monitoring system must be capable of measuring across both virtual and physical hardware domains. Figure 2 illustrates how Netrounds is a solution that supports the combination of physical and virtual deployments. Measuring inside the virtual domain (East-West) In real-world scenarios, some traffic may never go to the outside world. An example of this is East-West traffic flowing between distributed back-office servers that handle the post-processing of customer data. In this case, the performance of the vSwitch could quickly become the critical factor if bandwidth requirements exceed its capacity. The achieved performance and long-term behavior of the traffic through the vSwitch (blue arrow in Figure 3) can be measured using Netrounds probe appliances, which may be launched on either the same or different hypervisors. The probes can request and analyze performance metrics, like response times, from services provided by other appliances in the same virtual domain (green arrow). Figure 3. Measuring in the "East-West" direction between VMs. Measuring across virtual and physical domains (North-South) In many cases, traffic originates from end users (or clients) in the physical world. To replicate this scenario, a combination of physical and virtual probes is required, as illustrated in Figure 4. The physical probes could be attached either to aggregation networks or close to the end user in the access. For instance, a probe could be attached on the same aggregation switch that connects to base stations or DSLAMs. Probes could also be connected to unused switch ports of the top-of-rack (ToR) switches in the data center. Regardless of actual deployment, the main purpose of North-South measurements is to gain knowledge about the end-user experience by measuring traffic traversing many different physical network devices along with a potentially complex chain of various virtual network functions, such as WAN accelerators, firewalls, and deep packet inspection devices. The physical part could include Internet core routers, peering routers, distribution switches, data center aggregation switches, mobile backhaul networks, and even ToR switches. Figure 4. Measuring in the "North-South" direction. Data plane tests and measurements For the East-West or North-South scenarios described previously, there are three different types of data plane measurements that could be performed: 1. Generating active synthetic traffic between probes Generating packets of various size, frame rate and header content Hub and spoke or mesh topologies High performance and reliable multi-stream generation of TCP and UDP using IPv4 and IPv6, up to 10 Gbps Metrics for loss, jitter, and one-way delay Useful for QoS validation and service turn up testing according to ITU-T Y.1564 and Metro Ethernet Forum 2. Actively measuring real-world services Measuring like an end user (from the end users perspective) Requesting content from IPTV streaming servers for MPEG analysis Measuring uptime response times and latencies of common services such as HTTP and DNS Initiating sessions through SIP servers to measure signaling performance as well as media quality (MOS) 3. Passively capturing and analyzing traffic Remote traffic capturing on any probe interface, attached to either physical or virtual switches Processing of packet capture files in Wireshark Analysis and statistics of network traffic content BUSINESS BENEFITS Netrounds is instantly deployed and easy to use, and quickly helps solve IP network issues. Network operators with NFV-based network infrastructure can start remote troubleshooting within minutes, anywhere in the world. Automated traffic generation for tests and diagnostics can be initiated centrally, alleviating physical delivery of test equipment and involvement of staff in the field. This instant troubleshooting can reduce the time and cost to solve complicated customer issues by up to 90 percent. Vendors of cloud infrastructures can easily implement Netrounds as a powerful VNF in their NFV ecosystem to improve the ability to test and monitor services, shorten time for acceptance testing, and strengthen their portfolios. For end users, Netrounds helps ensure their everyday connected lives go on without any interruptions. In any unexpected situation, end users can rest assured their service providers have the best tool available to quickly find and fix any problem. SUMMARY Virtual network functions are deployed in data centers, as well as in mobile base stations, access network devices, and dedicated rack nodes that have spare compute resources. For efficient service assurance and troubleshooting in these distributed and virtual environments, it is recommended to utilize virtualized test and measurement tools that eliminate field engineering tasks and save substantial hardware expenditures, thus potentially reducing total cost by an order of magnitude. WHERE TO GET FROM HERE Do you remember the days when it took enormous field efforts to initiate remote troubleshooting and measurements of end-user experience? This is now part of the history. Within just minutes, you are able to get started with your own end-user quality assurance. Just navigate to www.netrounds.com and signup for your own account and leave the history behind. Netrounds offers a reliable traffic generation capabilities and easy-to-use network quality assurance solution, available from the cloud as a SaaS subscription.Netrounds helps getting in-depth understanding of network performance and provides actionable metrics on end-user experience. More than 170 network operators, enterprises and consultants worldwide use Netrounds to increase operational efficiency, reduce capital expenditures and deliver high end-user experience Founded in 2007, Netrounds is headquartered in Lule, Sweden, with offices in Boston, MA. NETROUNDS SOLUTIONS AB Storgatan 7 972 38 LULE, SWEDEN Phone +46 920 420015 www.netrounds.com Copyright 2014, Netrounds. All rights reserved. This document is issued to provide information only and the content is subject to revision without notice due to continued development. The product and services described are subject to availability and change without notice.