<NFV Research Group>                                     Truong-Xuan Do
Internet Draft                                             Younghan Kim
Intended status: Informational               Soongsil University, Korea
Expires:  Jan 2018                                          Jul 1, 2017




        High Availability Mechanisms for Service Function Chaining
                   draft-xuan-nfvrg-ha-sfc-02


Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   This Internet-Draft will expire on Jan 2018.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions
   Relating to IETF Documents (http://trustee.ietf.org/license-info)
   in effect on the date of publication of this document.  Please
   review these documents carefully, as they describe your rights
   and restrictions with respect to this document.



<Do, et al.>               Expires Jan 1,2018                  [Page 1]


Internet-Draft       <High availability for SFC>            Jul 1, 2017




Abstract

   In the NFV domain, the high availability for SFC is the combination
   of HA for individual service chain components and dynamic adjustment
   This document considers the high availability mechanisms for
   service chain from the viewpoint of the interaction between virtual
   network function, virtual link, NFV-MANO, and NFVI.


Table of Contents


   1. Introduction...................................................3
   2. Conventions used in this document..............................3
   3. High availability of SFC.......................................4
      3.1. SFP adjustment............................................8
      3.2. High availability for VNF.................................5
         3.2.1 active standby........................................4
         3.2.2 active active.........................................5
                 3.2.3 load balancing........................................6
      3.3. High availability for NFV-MANO............................6
      3.4. High availability for service function forwarder..........6
      3.5. High availability for virtual link........................7
   4. Multisite considerations.......................................7
   5. Security Considerations........................................8
   6. IANA Considerations............................................8
   7. References.....................................................8
      7.1. Normative References......................................8
      7.2. Informative References....................................8





<Do, et al.>               Expires Jan 1,2018                  [Page 2]


Internet-Draft       <High availability for SFC>            Jul 1, 2017


1. Introduction

   Network function virtualization (NFV) offers a great flexibility,
   CAPEX and OPEX reduction, and short time-to-market for provisioning
   network services in cloud environment.

   For traditional networks, the service function deployments are
   relatively static and are tightly coupled to network topology and
   physical resources. Therefore, the design of network service
   availability is done hop by hop and the service of each hop is
   configured and operated independently. There is no mechanism for
   managing the end-to-end service availability. In NFV, the service
   deployment is more dynamic, flexible, visible, and automated.
   The service function chain could be adjusted dynamically in case
   of failure. However, the interaction between the HA mechanisms for
   individual components and service chain has not been discussed yet.

   In this document, we considers the high availability mechanisms for
   individual virtual network functions, virtual link, service function
   forwarder, and interaction beetween those individual mechanisms
   with the service chain adjustment.



2. Conventions used in this document


The terms about SFC, SFP, SFF, SF, and classifier are defined in
[RFC7665]. The terms about VNF, VNFFG, VL, NFV-MANO are defined in
[ETSI-NFV-ARCH]. The terms VNF and VNFFG are also called SF and SFC
respectively. In this document, we assume that there are some mappings
between the term SFC in [RFC7665] and VNFFG in [ETSI-NFV-MANO].
The packets are encapsulated by the network service header (NSH) when
traversing the service chain or VNFFG. The control plane for the SFC
is placed in the NFV-MANO.

<Do, et al.>               Expires Jan 1,2018                  [Page 3]


Internet-Draft       <High availability for SFC>            Jul 1, 2017

3. High availability of SFC

The high availability for SFC is ensured by the HA for individual
service chain compnents and the adjustment of service function path.
Depending on customer type and traffic type, the different redundancy
methods for each service chain component (VNF, VL) are applied to achieve
the corresponding Service Availability Level (SAL) [ETSI-NFV-REL001].

3.1. SFP adjustment

Service function chain can have serveral service function paths (SFP)
which are created by the combination of service function instances
located in different physical hardware nodes. The high availability
of service function chain can be ensured by adjusting the current SFP
to create a new SFP. The high availability is one of use cases for
SFC adjustment in the [ietf-sfc-control-plane]. The SFP adjustment also
takes into account some policies defined by network operators.

3.2. High availability of Virtual Network Function

The high availability of VNFs are done using popular redundancy
methods such as Active-Standby, Active-Active [ETSI-NFV-REL003].


3.2.1 Active-Standby configuration for VNF

In this case, the VNF is configured using active standby mode. when the
active VNF fails, the NFV-MANO detects the failure. The NFV-MANO will
configure the virtual router to map the external connection point (eCP)
to the internal connection point (iCP2) of the standby VNF. The IP
address of the VNF4 exposed to outside doesn't change, and the SFP
adjustment is not required in this case.

+-----------------------------------------------------+    +---------+
|               +--------+                  Fail      |    |         |
|               | VNF2   |         +----------------------^+         |
|            +--+        +--+      |                  |    |NFV-MANO |
| +-----+    |  +--------+  |  +---+----+  +--------+ |    |         |
| |     +----+              |  | VNF4   |  | VNF4   | |    |         |
| |VNF1 |    |              +--+(active)|  |(standby| |    |         |
| |     |    |  +--------+  |  +--------+  +-+------+ |    |         |
| +--^--+    |  | VNF3   +--+        |       |        +    +         |
|    |       +--+        |        +-iCP1---iCP2-+ configure mapping  |
|    |          +------+-+        |  Virtual    +^----+----+         |
|    |                 ^          |  router     |     |    |         |
|    |                 |          +----+eCP+----+     |    |         |
|    |                 |                 |            |    +---------+
+----|-----------------|-----------------|------------+
+----|-----------------|-----------------|------------+
| +--|-----------------|-----------------|--+         |
| |  |   Virtualization| layer           |  |         |
| +--|-----------------|-----------------|--+         |
|    |                 |                 |            |
| +--+----+            |            +----+-----+      |
| |SFF1   |            |            |  SFF3    |      |
| |       +-------------------------+          |      |
| +----+--+            |            +---+------+      |
|      |          +----+-----+          |             |
|      |          |  SFF2    |          |             |
|      +----------+          +----------+             |
| NFVI            +----------+                        |
+-----------------------------------------------------+


   Figure 1. Service function chaining with VNFs at active-standby




<Do, et al.>               Expires Jan 1,2018                  [Page 4]


Internet-Draft       <High availability for SFC>            Jul 1, 2017

3.2.2. Active-Active configuration for VNF

In this case, two VNF4s are active and use different IP addresses. In
active active mode, two internal connection points of VNFs are
connected to the two external connection points of virtual routers.
when one active VNF4 fails, the NFV-MANO needs to perform the SFP
adjustment to direct packet to the another active VNF4.


+-----------------------------------------------------+   +---------+
|               +--------+                  Fail      |   |         |
|               | VNF2   |         +---------------------^+         |
|            +--+        +--+      |                  |   |         |
| +-----+    |  +--------+  |  +---+----+  +--------+ |   |NFV-MANO |
| |     +----+              |  | VNF4   |  | VNF4   | |   |         |
| |VNF1 |    |              +--+(active)|  |(active)| |   |         |
| |     |    |  +---------+ |  +--------+  +-+------+ |   |         |
| +--^--+    |  | VNF3    +-+        |       |        |   |         |
|    |       +--+         |         +iCP1--iCP2+      |   |         |
|    |          +------+--+         | Virtual  |      |   |         |
|    |                 ^            | Router   |      |   |         |
|    |                 |            +eCP1--eCP2+      |   |         |
|    |                 |              |       |       |   +----+----+
+----|-----------------|--------------|-------|-------+        |
+----|-----------------|--------------|-------|-------+        |
| +--|-----------------|--------------|-----+ |       |        |
| |  |   Virtualization| layer        |     | |       |        |
| +--|-----------------|--------------|-----+ |       |        |
|    |                 |              |       |       |        |
| +--+----+            |            +-+-------++      |  SFC   |
| |SFF1   |            |            |  SFF3    |      |  adjustment
| |       +-------------------------+          |      |        |
| +----+--+            |            +---+------+      +^-------+
|      |          +----+-----+          |             |
|      |          |  SFF2    |          |             |
|      +----------+          +----------+             |
| NFVI            +----------+                        |
+-----------------------------------------------------+


   Figure 2. Service function chaining with VNFs at active-active






<Do, et al.>               Expires Jan 1,2018                  [Page 5]


Internet-Draft       <High availability for SFC>            Jul 1, 2017

3.2.3. Load balancing configuration

In this case, a load balancer is deployed before active VNFs. These
VNFs should be managed by a cluster manager placed on NFV-MANO. The
traffic is distributed among VNFs in a cluster by the load balancer.
When a VNF fails, the traffic comming to the failed VNF will be
forwarded to another alive VNF in the cluster to process instead. In
this case, the SFP adjustment is not needed.

3.3. High availability for NFV-MANO

Clustering or redundancy mechanisms can be used to provide HA for
NFV-MANO. Mechanisms depends on the sub components of the NFV-MANO.
If the sub component is stateless, the cluster and load balancing can
be used. If the sub component is stateful, other mechanisms such as
active active or active standby can be used.


3.4. High availability for service function forwarder

In the NFV environment, the service function forwarder is
implemented as virtual switch (e.g. openvswitch). The virtual switch
connects virtual NIC of the VMs to the physical NICs. The virtual
switch redundancy is typically implemented by bonding multiple physical
NICs to it.

+-------------------------------+
|      openvswitch (SFF)        |
|                               |
|        +---------------+      |
|        | vNIC (bonding)|      |
+--------++-------------+-------+
          |             |
          |             |
      +---+-+         +-+----+
      |pNIC1|         | pNIC2|
      +-----+         +------+
   Figure 3. NIC bonding for SFF HA





<Do, et al.>               Expires Jan 1,2018                  [Page 6]


Internet-Draft       <High availability for SFC>            Jul 1, 2017

3.5. High availability for virtual link

Virtual links connect different connection points using different type
of transport networks and protocols, such as VLAN, VXLAN, MPLS, IP.
The recovery of failed or congested virtual links could use fast
rerouting algorithms, e.g. MPLS fast rerouting. The SAL will determine
the threshold of virtual link bandwidth or latency and rerouting
algorithms to make another virtual link. In this case, the SFP
adjustment is not required.

                                           +------------+  +---------+
                                           | service    +-^+         |
                                           | availability  |         |
                                           | level      +  |         |
                                           +------------+  |         |
                                                           | NFV-MANO|
                                                           | (E2E)   |
+-------+                 +--------+       +-------+       |         |
| SFF1  |                 |  SFF2  |       | SFF3  |       |         |
|       |                 |        |       |       |       |         |
+---+---+                 +--+-+---+       +----+--+       +----+----+
    |                        | |                |               |
    |                        | |                |          +----v------+
    |     +------------+     | |  +----------+  |          | WAN       |
    |     | Transport  |     | |  | Transport+--+  link    | controller|
    +-----+ network    +-----+ +--+ network  +-----fails--^+--+--+--^--+
          +-----^---+--+          +------+---+                |  |  |
                |   |                    ^      reroute       |  |  |
                |   |      reroute       +--------------------+  |  |
                +------------------------------------------------+  |
                    |                                               |
                    +-----------------link fails--------------------+

   Figure 4. High availability for virtual links

4. Multisite considerations

In the case of multisite cloud-based SFC, if high availability
mechanisms for VNF are deloyed over multisite (e.g. the active and
standby machines are distributed into multiple geographical locations).
Thus, when an active VNF fails, a standby VNF will be awoken in another
site. In order to guarantee the high availability of SFC, the SFP
should be adjusted and the SFF attached to failed VNF should tunnel
packets to standby VNF in another site. The state synchronization is
required among VNFs over multisites. The state synchronization can be
done by direct links among multiple cloud locations or via the central
NFV-MANO.



<Do, et al.>               Expires Jan 1,2018                  [Page 7]


Internet-Draft       <High availability for SFC>            Jul 1, 2017



5. Security Considerations

TBD.

6. IANA Considerations

TBD.

7. References

7.1. Normative References


   [RFC7665]
             J. Halpern, C. Pignataro, "Service Function Chaining
             (SFC) architecture", IETF RFC 7665, Oct 2015



7.2. Informative References

    [ETSI-NFV-ARCH]
             Network Function Virtualisation (NFV): architectural
             framework
    [ETSI-NFV-REL001]
             Network Functions Virtualisation (NFV); Resiliency
             Requirements
    [ETSI-NFV-REL002]
             Network Functions Virtualisation (NFV); Reliability;
             Report on Scalable Architectures for Reliability
             Management
    [ETSI-NFV-REL003]
             Network Functions Virtualisation (NFV); Reliability;
             Report on Models and Features for End-to-End Reliability



<Do, et al.>               Expires Jan 1,2018                  [Page 8]


Internet-Draft       <High availability for SFC>            Jul 1, 2017


Authors' Addresses

   Truong-Xuan Do
   Soongsil University
   Changui Bldg. 403,
   (156-743) 511 Sangdo-Dong, Dongjak-Gu, Seoul, Korea

   Phone: +82 10 4473 6869
   Email: thespring1989@gmail.com


   Younghan Kim
   Soongsil University
   11F Hyungnam Engineering Bldg. 1107,
   (156-743) 511 Sangdo-Dong, Dongjak-Gu, Seoul, Korea

   Phone: +82-2-820-0904
   Email: younghak@ssu.ac.kr






















<Do, et al.>               Expires Jan 1,2018                  [Page 9]