Abstract-The Network Functions Virtualization (NFV) paradigm is the most promising technique to help network providers in the reduction of capital and energy costs. The deployment of virtual network functions (VNFs) running on generic x86 hardware allows higher flexibility than the classical middleboxes approach. NFV also reduces the complexity in the deployment of network services through the concept of service chaining, which defines how multiple VNFs can be chained together to provide a specific service. As a drawback, hosting multiple VNFs in the same hardware can lead to scalability issues, especially in the processing-resource sharing. In this paper, we evaluate the impact of two different types of costs that must be taken into account when multiple chained VNFs share the same processing resources: the upscaling costs and the context switching costs. Upscaling costs are incurred by VNFs multicore implementations, since they suffer a penalty due to the needs of load balancing among cores. Context switching costs arise when multiple VNFs share the same CPU and thus require the loading/saving of their context. We model through an ILP problem the evaluation of such costs and we show their impact in a VNFs consolidation scenario, when the x86 hardware deployed in the network is minimized.
Telecom operators worldwide are witnessing squeezed profit margins mainly due to hyper-competition. Hence, new business models/strategies are needed to help operators reduce Operational and Capital Expenditures. In this context, the Network Function Virtualization (NFV) paradigm, which consists of running Virtual Instances of Network Functions (NFs) in Commercial-Off-The-Shelf (COTS) hardware, represents a solid alternative. Virtual Network Functions (VNFs) are then concatenated together in a sequential order to form service chains (SCs) that provide specific Internet services. In this article, we study different approaches to provision SCs with resiliency against single-link and single-node failures. We propose three Integer Linear Programming (ILP) models to jointly solve the problem of VNF placement and traffic routing, while guaranteeing resiliency against single-link and/or single-node failures. Specifically, we focus on the trade-off between the conflicting objectives of meeting SCs latency requirements and consolidating as many as possible VNFs in NFV-capable nodes. We show that providing resiliency against both singlelink and single-node failures comes at twice the amount of resources in terms of NFV-capable nodes, and that for latency-critical services providing resiliency against single-node failures comes at the same cost with respect to resiliency against single-link and single-node failures. Finally, we discuss important insights about the deployment of bandwidth-intensive SCs. System (IDPS), etc.) 1 within the network [21]. From the cost point of view, telecom operators are witnessing a decrease of the revenue-per-bit, which is envisioned to be even lower than the cost-per-bit, due to the competition from Over-The-Tops (OTTs). The applications introduced by OTTs (e.g., Voice-over-IP (VoIP)) leave the Internet Service Provider (ISP) responsible for only transporting the information, hence contributing heavily in their revenue decrease. Network Function Virtualization (NFV) is a new architectural paradigm that was proposed to improve the flexibility of network service provisioning and reduce the time to market of new services [14]. NFV can revolutionize how network operators design their infrastructure, by leveraging virtualization, to separate software instances from hardware appliances, and decoupling functionalities from locations for faster service provisioning. NFV supports the instantiation of Virtual Network Functions (VNFs) through software virtualization techniques and runs them on Commercial-Off-The-Shelf (COTS) hardware. Hence, the virtualization of network functions opens the way to the provisioning of new services without the installation of new equipment. It is clear 1 A list of acronyms to ease the reading is presented in the last page of this article.
Network Function Virtualization (NFV) provides higher flexibility for network operators and reduces the complexity in network service deployment. Using NFV, Virtual Network Functions (VNF) can be located in various network nodes and chained together in a Service Function Chain (SFC) to provide a specific service. Consolidating multiple VNFs in a smaller number of locations would allow decreasing capital expenditures. However, excessive consolidation of VNFs might cause additional latency penalties due to processing-resource sharing, and this is undesirable, as SFCs are bounded by service-specific latency requirements. In this paper, we identify two different types of penalties (referred as "costs") related to the processingresource sharing among multiple VNFs: the context switching costs and the upscaling costs. Context switching costs arise when multiple CPU processes (e.g., supporting different VNFs) share the same CPU and thus repeated loading/saving of their context is required. Upscaling costs are incurred by VNFs requiring multi-core implementations, since they suffer a penalty due to the load-balancing needs among CPU cores. These costs affect how the chained VNFs are placed in the network to meet the performance requirement of the SFCs. We evaluate their impact while considering SFCs with different bandwidth and latency requirements in a scenario of VNF consolidation.
A promising area of application for Network Function Virtualization is in network security, where chains of Virtual Security Network Functions (VSNFs), i.e., security-specific virtual functions such as firewalls or Intrusion Prevention Systems, can be dynamically created and configured to inspect, filter or monitor the network traffic. However, the traffic handled by VSNFs could be sensitive to specific network requirements, such as minimum bandwidth or maximum end-to-end latency. Therefore, the decision on which VSNFs should apply for a given application, where to place them and how to connect them, should take such requirements into consideration. Otherwise, security services could affect the quality of service experienced by customers.In this paper we propose PESS (Progressive Embedding of Security Services), a solution to efficiently deploy chains of virtualised security functions based on the security requirements of individual applications and operators' policies, while optimizing resource utilization. We provide the PESS mathematical model and heuristic solution.Simulation results show that, compared to state-of-the-art application-agnostic VSNF provisioning models, PESS reduces computational resource utilization by up to 50%, in different network scenarios. This result ultimately leads to a higher number of provisioned security services and to up to a 40% reduction in end-to-end latency of application traffic.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.