High Availability Mechanisms for Service Function Chaining
draft-xuan-nfvrg-ha-sfc-01

The information below is for an old version of the document
Document Type Active Internet-Draft (individual)
Authors Truong-Xuan Do  , Younghan Kim 
Last updated 2017-01-08
Stream (None)
Formats plain text pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date
Responsible AD (None)
Send notices to (None)
<NFV Research Group>                                     Truong-Xuan Do
Internet Draft                                             Younghan Kim
Intended status: Informational               Soongsil University, Korea
Expires:  Jul 2017                                          Jan 9, 2017

        High Availability Mechanisms for Service Function Chaining
                   draft-xuan-nfvrg-ha-sfc-01

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts. 

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."
   
   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html
   
   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html
   
   This Internet-Draft will expire on Jul 2017.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors. All rights reserved.
   
   This document is subject to BCP 78 and the IETF Trust's Legal 
   Provisions
   Relating to IETF Documents (http://trustee.ietf.org/license-info)
   in effect on the date of publication of this document.  Please
   review these documents carefully, as they describe your rights
   and restrictions with respect to this document.

<Do, et al.>               Expires Jul 9,2017                  [Page 1]
Internet-Draft       <High availability for SFC>            Jan 9, 2017

Abstract

   In the NFV domain, the high availability for SFC is the combination
   of HA for individual service chain components and dynamic adjustment
   This document considers the high availability mechanisms for 
   service chain from the viewpoint of the interaction between virtual
   network function, virtual link, NFV-MANO, and NFVI.
   

Table of Contents

   1. Introduction...................................................3
   2. Conventions used in this document..............................3
   3. High availability of SFC.......................................4
      3.1. SFP adjustment............................................8
      3.2. High availability for VNF.................................5
         3.2.1 active standby........................................4
         3.2.2 active active.........................................5
                 3.2.3 load balancing........................................6
      3.3. High availability for NFV-MANO............................6
      3.4. High availability for service function forwarder..........6
      3.5. High availability for virtual link........................7
   4. Security Considerations........................................8
   5. IANA Considerations............................................8
   6. References.....................................................8
      6.1. Normative References......................................8
      6.2. Informative References....................................8

<Do, et al.>               Expires Jul 9,2017                  [Page 2]
Internet-Draft       <High availability for SFC>            Jan 9, 2017 

1. Introduction

   Network function virtualization (NFV) offers a great flexibility, 
   CAPEX and OPEX reduction, and short time-to-market for provisioning
   network services in cloud environment. 
   
   For traditional networks, the service function deployments are 
   relatively static and are tightly coupled to network topology and
   physical resources. Therefore, the design of network service 
   availability is done hop by hop and the service of each hop is 
   configured and operated independently. There is no mechanism for
   managing the end-to-end service availability. In NFV, the service
   deployment is more dynamic, flexible, visible, and automated.
   The service function chain could be adjusted dynamically in case
   of failure. However, the interaction between the HA mechanisms for
   individual components and service chain has not been discussed yet.
   
   In this document, we considers the high availability mechanisms for
   individual virtual network functions, virtual link, service function
   forwarder, and interaction beetween those individual mechanisms 
   with the service chain adjustment.    

2. Conventions used in this document

The terms about SFC, SFP, SFF, SF, and classifier are defined in 
[RFC7665]. The terms about VNF, VNFFG, VL, NFV-MANO are defined in
[ETSI-NFV-ARCH]. The terms VNF and VNFFG are also called SF and SFC 
respectively. In this document, we assume that there are some mappings 
between the term SFC in [RFC7665] and VNFFG in [ETSI-NFV-MANO]. 
The packets are encapsulated by the network service header (NSH) when
traversing the service chain or VNFFG. The control plane for the SFC
is placed in the NFV-MANO.

<Do, et al.>               Expires Jul 9,2017                  [Page 3]
Internet-Draft       <High availability for SFC>            Jan 9, 2017 

3. High availability of SFC

The high availability for SFC is ensured by the HA for individual
service chain compnents and the adjustment of service function path. 
Depending on customer type and traffic type, the different redundancy 
methods for each service chain component (VNF, VL) are applied to achieve
the corresponding Service Availability Level (SAL) [ETSI-NFV-REL001]. 
 
3.1. SFP adjustment

Service function chain can have serveral service function paths (SFP) 
which are created by the combination of service function instances
located in different physical hardware nodes. The high availability 
of service function chain can be ensured by adjusting the current SFP 
to create a new SFP. The high availability is one of use cases for 
SFC adjustment in the [ietf-sfc-control-plane]. The SFP adjustment also
takes into account some policies defined by network operators.

3.2. High availability of Virtual Network Function

The high availability of VNFs are done using popular redundancy 
methods such as Active-Standby, Active-Active [ETSI-NFV-REL003].

   
3.2.1 Active-Standby configuration for VNF 

In this case, the VNF is configured using active standby mode. when the
active VNF fails, the NFV-MANO detects the failure. The NFV-MANO will
configure the virtual router to map the external connection point (eCP)
to the internal connection point (iCP2) of the standby VNF. The IP 
address of the VNF4 exposed to outside doesn't change, and the SFP
adjustment is not required in this case. 
   
+-----------------------------------------------------+    +---------+
|               +--------+                  Fail      |    |         |
|               | VNF2   |         +----------------------^+         |
|            +--+        +--+      |                  |    |NFV-MANO |
| +-----+    |  +--------+  |  +---+----+  +--------+ |    |         |
| |     +----+              |  | VNF4   |  | VNF4   | |    |         |
| |VNF1 |    |              +--+(active)|  |(standby| |    |         |
| |     |    |  +--------+  |  +--------+  +-+------+ |    |         |
| +--^--+    |  | VNF3   +--+        |       |        +    +         |
|    |       +--+        |        +-iCP1---iCP2-+ configure mapping  |
|    |          +------+-+        |  Virtual    +^----+----+         |
|    |                 ^          |  router     |     |    |         |
|    |                 |          +----+eCP+----+     |    |         |
|    |                 |                 |            |    +---------+
+----|-----------------|-----------------|------------+
+----|-----------------|-----------------|------------+
| +--|-----------------|-----------------|--+         |
| |  |   Virtualization| layer           |  |         |
| +--|-----------------|-----------------|--+         |
|    |                 |                 |            |
| +--+----+            |            +----+-----+      |
| |SFF1   |            |            |  SFF3    |      |
| |       +-------------------------+          |      |
| +----+--+            |            +---+------+      |
|      |          +----+-----+          |             |
|      |          |  SFF2    |          |             |
|      +----------+          +----------+             |
| NFVI            +----------+                        |
+-----------------------------------------------------+

   
   Figure 1. Service function chaining with VNFs at active-standby
   

<Do, et al.>               Expires Jul 9,2017                  [Page 4]
Internet-Draft       <High availability for SFC>            Jan 9, 2017 

3.2.2. Active-Active configuration for VNF

In this case, two VNF4s are active and use different IP addresses. In
active active mode, two internal connection points of VNFs are 
connected to the two external connection points of virtual routers.
when one active VNF4 fails, the NFV-MANO needs to perform the SFP 
adjustment to direct packet to the another active VNF4.

+-----------------------------------------------------+   +---------+
|               +--------+                  Fail      |   |         |
|               | VNF2   |         +---------------------^+         |
|            +--+        +--+      |                  |   |         |
| +-----+    |  +--------+  |  +---+----+  +--------+ |   |NFV-MANO |
| |     +----+              |  | VNF4   |  | VNF4   | |   |         |
| |VNF1 |    |              +--+(active)|  |(active)| |   |         |
| |     |    |  +---------+ |  +--------+  +-+------+ |   |         |
| +--^--+    |  | VNF3    +-+        |       |        |   |         |
|    |       +--+         |         +iCP1--iCP2+      |   |         |
|    |          +------+--+         | Virtual  |      |   |         |
|    |                 ^            | Router   |      |   |         |
|    |                 |            +eCP1--eCP2+      |   |         |
|    |                 |              |       |       |   +----+----+
+----|-----------------|--------------|-------|-------+        |
+----|-----------------|--------------|-------|-------+        |
| +--|-----------------|--------------|-----+ |       |        |
| |  |   Virtualization| layer        |     | |       |        |
| +--|-----------------|--------------|-----+ |       |        |
|    |                 |              |       |       |        |
| +--+----+            |            +-+-------++      |  SFC   |
| |SFF1   |            |            |  SFF3    |      |  adjustment
| |       +-------------------------+          |      |        |
| +----+--+            |            +---+------+      +^-------+
|      |          +----+-----+          |             |
|      |          |  SFF2    |          |             |
|      +----------+          +----------+             |
| NFVI            +----------+                        |
+-----------------------------------------------------+

   Figure 2. Service function chaining with VNFs at active-active

        
 

<Do, et al.>               Expires Jul 9,2017                  [Page 5]
Internet-Draft       <High availability for SFC>            Jan 9, 2017 

3.2.3. Load balancing configuration

In this case, a load balancer is deployed before active VNFs. These
VNFs should be managed by a cluster manager placed on NFV-MANO. The
traffic is distributed among VNFs in a cluster by the load balancer.
When a VNF fails, the traffic comming to the failed VNF will be 
forwarded to another alive VNF in the cluster to process instead. In
this case, the SFP adjustment is not needed. 

3.3. High availability for NFV-MANO

Clustering or redundancy mechanisms can be used to provide HA for 
NFV-MANO. Mechanisms depends on the sub components of the NFV-MANO.
If the sub component is stateless, the cluster and load balancing can 
be used. If the sub component is stateful, other mechanisms such as
active active or active standby can be used. 
 
 
3.4. High availability for service function forwarder

In the NFV environment, the service function forwarder is 
implemented as virtual switch (e.g. openvswitch). The virtual switch
connects virtual NIC of the VMs to the physical NICs. The virtual 
switch redundancy is typically implemented by bonding multiple physical 
NICs to it. 

+-------------------------------+
|      openvswitch (SFF)        |
|                               |
|        +---------------+      |
|        | vNIC (bonding)|      |
+--------++-------------+-------+
          |             |
          |             |
      +---+-+         +-+----+
      |pNIC1|         | pNIC2|
      +-----+         +------+
   Figure 3. NIC bonding for SFF HA

          

        
<Do, et al.>               Expires Jul 9,2017                  [Page 6]



Internet-Draft       <High availability for SFC>            Jan 9, 2017 

3.5. High availability for virtual link

Virtual links connect different connection points using different type
of transport networks and protocols, such as VLAN, VXLAN, MPLS, IP.
The recovery of failed or congested virtual links could use fast 
rerouting algorithms, e.g. MPLS fast rerouting. The SAL will determine
the threshold of virtual link bandwidth or latency and rerouting
algorithms to make another virtual link. In this case, the SFP 
adjustment is not required. 

                                           +------------+  +---------+
                                           | service    +-^+         |
                                           | availability  |         |
                                           | level      +  |         |
                                           +------------+  |         |
                                                           | NFV-MANO|
                                                           | (E2E)   |
+-------+                 +--------+       +-------+       |         |
| SFF1  |                 |  SFF2  |       | SFF3  |       |         |
|       |                 |        |       |       |       |         |
+---+---+                 +--+-+---+       +----+--+       +----+----+
    |                        | |                |               |
    |                        | |                |          +----v------+
    |     +------------+     | |  +----------+  |          | WAN       |
    |     | Transport  |     | |  | Transport+--+  link    | controller|
    +-----+ network    +-----+ +--+ network  +-----fails--^+--+--+--^--+
          +-----^---+--+          +------+---+                |  |  |
                |   |                    ^      reroute       |  |  |
                |   |      reroute       +--------------------+  |  |
                +------------------------------------------------+  |
                    |                                               |
                    +-----------------link fails--------------------+

   Figure 4. High availability for virtual links
          

        

<Do, et al.>               Expires Jul 9,2017                  [Page 7]

Internet-Draft       <High availability for SFC>            Jan 9, 2017 

4. Security Considerations

TBD.

5. IANA Considerations

TBD.

6. References

6.1. Normative References

   [RFC7665] 
             J. Halpern, C. Pignataro, "Service Function Chaining 
             (SFC) architecture", IETF RFC 7665, Oct 2015

6.2. Informative References

    [ETSI-NFV-ARCH]
             Network Function Virtualisation (NFV): architectural
             framework
    [ETSI-NFV-REL001]
             Network Functions Virtualisation (NFV); Resiliency 
             Requirements
    [ETSI-NFV-REL002]
             Network Functions Virtualisation (NFV); Reliability;
             Report on Scalable Architectures for Reliability 
             Management
    [ETSI-NFV-REL003]
             Network Functions Virtualisation (NFV); Reliability;
             Report on Models and Features for End-to-End Reliability
                         
                         

<Do, et al.>               Expires Jul 9,2017                  [Page 8]
Internet-Draft       <High availability for SFC>            Jan 9, 2017

Authors' Addresses

   Truong-Xuan Do
   Soongsil University
   Changui Bldg. 403,
   (156-743) 511 Sangdo-Dong, Dongjak-Gu, Seoul, Korea

   Phone: +82 10 4473 6869
   Email: thespring1989@gmail.com

   Younghan Kim
   Soongsil University
   11F Hyungnam Engineering Bldg. 1107,
   (156-743) 511 Sangdo-Dong, Dongjak-Gu, Seoul, Korea

   Phone: +82-2-820-0904
   Email: younghak@ssu.ac.kr

<Do, et al.>               Expires Jul 9,2017                  [Page 9]