BRKSDN 2333

BRKSDN-2333
Open-source NFV platform?

OPNFV!
Frank Brockners
Cisco Spark
Questions?
Use Cisco Spark to communicate
with the speaker after the session
How
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
cs.co/ciscolivebot#BRKDCN-2390
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
“The 20th century was about invention, the
21st is about mashups and integration”
Toby Ford,
FD.io Mini-Summit Sept, 2016
BRKSDN-2333 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
NFV Stacks – A User Perspective:
Above and below “The Line”
Service Model WorkFlow Topology App Intent
VM Policy, Network Policy

Service Provisioning Service Provisioning, Service
Workload Placement
Service/WF Life Cycle Configuration
Manager Service Chaining, Service Monitoring
Service Configuration
Auto Recovery, Elastic Scaling, Workload
Placement, Service Assurance
VM/Container Policy
Service Monitoring Virtual Machine/Container
Auto Healing Life Cycle Manager
Elastic Scaling
Phys./virtual Network Control Network Controller;

Group Policy, Chaining Hypervisor/Host//Container
High-Performance
IO Abstraction & Feature
Compute Network Storage
Flexible Feature Paths Path
OpenSource Building Blocks: ~ 2014/15
PaaS
Application Layer / App Server PaaS platforms
Network Data Analytics

Cloud Infra & Tooling
Orchestration
VIM Management System
Network Control
Operating Systems
Infrastructure
IO Abstraction & Feature Path
Hardware
OpenSource Building Blocks
2015 – 2017: Several New LF Projects
PaaS
Additional

Orchestration
*
Network Control
Operating Systems
Infrastructure
Hardware
Composing the NO-STACK-WORLD
Application Layer / App Server The “No-Stack-Developer”
Network Data Analytics OPNFV
Orchestration
• Compose
• Deploy
• Test
Network Control
• Evolve
Operating Systems • Iterate
Hardware
• OPNFV
Evolve/Integrate/Install/Test
Assembling Platforms:
OpenSource Building Blocks
PaaS
Additional

Orchestration
Network Control
Operating Systems
Infrastructure
Hardware
CI/CD
Evolve/Integrate/Install/Test
“Systems integration as an
open community effort.”
Open Platform for NFV (OPNFV) facilitates the
development and evolution of NFV
components across various open source
ecosystems.
Through system level integration, deployment

and testing, OPNFV creates a reference NFV
platform to accelerate the transformation of
enterprise and service provider networks.
OPNFV Danube Overview
Virtual Network Functions
Management and Orchestration Integration Testing New Features

Compute Storage Network
Virtualization Virtualization Virtualization Alignment Functional
OpenStack
KVM Ceph OpenDaylight Installation System NFV Features
LXD ONOS Composition Performance

OpenContrail Upstream Project
Collaboration:
Data Plane Continuous Integration / Continuous Deployment

FD.io OVS
DPDK ODP
Documentation
Infrastructure
Pharos Community Labs Security
OPNFV Bare Metal Lab
Create.Compose.Deploy.Test.
Iterate.
Iterate.
Enhancing the “Stack”:
Evolving/Developing while Integrating
PaaS
Application Layer / App Server
NFV Telemetry Data Acquisition

Network Data Analytics (VNF Event Stream, Barometer)
NFV deployment architectures MANO solutions

Orchestration (Multi-Site, EdgeNFV) Opera (Open-O), Orchestra (OpenBaton)
Fault Management/Localization, Audit Resource Control/Scheduling Model and Policy Driven Control
VIM Management System (Doctor, Pinpoint, Prediction, (Copper, Movie, Models, Domino,
Bottlenecks, Inspector) (Promise, Resource Scheduler (RS)) Parser)
Network Policy NFV services (service chaining, VPN, ..) SDN Controller Performance Test
Network Control (FastDataStacks, Copper, PolicyTest) (VNFFG, SFC, SDNVPN) (Cperf)
Hypervisor for NFV

Operating Systems, virt. Infra (KVM4NFV)
Infrastructure
Dataplane Performance Test Dataplane Evolution & Test

IO Abstraction & Feature Path (Vsperf, Fastpath) (DPACC, OVSDPDK, FastDataStacks)
Infra control & CI/CD

Hardware (Pharos, Releng, Octopus)
Create Scenarios/Stacks Installation, Upgrade Documentation

Integrate/Install (IPv6, FastDataStacks, Armband, Apex, Daisy, (Apex, Joid, Fuel, Compass, Daisy, (OPNFVdocs)
CI/CD
ONOSFW, OpenContrail,, Joid, Fuel, Compass) Escalator, Genesis)

System Testing Storage Performance Test Security
System Test & Security Audit (Yardstick, FuncTest, Qtip) (Storperf) (Moon)
Create.Compose: A typical workflow
Present
Solution & Reach & Integrate,
Architecture demos,
Requirement review develop test and
& Gaps collect
internally upstream document
feedback
Example: OPNFV Doctor project
• Goal:
• Develop and build fault management and maintenance framework for high availability
of Network Services running on top of virtualized infrastructure.
 Proposed with a very clear target / key feature:
• Immediate notification of unavailability of virtualized resources
from VIM to Consumer
• Members:
• NEC (PTL: Ryota Mibu), AT&T, Cisco, Cloudbase Solutions, Corenova, Ericsson,
Hephaex, Huawei, Intel, KDDI, KT, Nokia, NTT DOCOMO, Spirent, Sprint, Telecom
Italia, Vmsec, ZTE
• https://wiki.opnfv.org/display/doctor/
OPNFV Doctor project – Timeline...
ARNO (May/2015) BRAHMAPUTRA (March/2016) COLORADO (Sept/2016) DANUBE (March/2017)

- Requirement document - Ceilometer “Immediate - Nova: - Neutron “Port Status update”
Notification” “Get valid server state” - Inspector design guidelines
- Nova “Mark Host Down” - Integration of Congress - Performance profiler
- Functional test cases as Doctor Inspector - Documentation updates
- PoC demo at OPNFV - Extended functional tests
Summit - PoC demo at OPNFV Summit and
- Documentation updates OpenStack Summit Barcelona
- Documentation updates
Example: OPNFV FastDataStacks Project
• Create a new stack which significantly
evolves networking for NFV:
Introduce Solution Stacks with FD.io/VPP
• OpenStack – ODL (Layer2) – VPP
• OpenStack – VPP
• Work areas:
• OpenStack (ML2 driver: networking-vpp)
• ODL enhancements (GBP Neutron Mapper,
VPP Renderer)
• FD.io - VPP/Honeycomb enhancements
• OPNFV Installer integration (APEX)
• OPNFV System-level testing
• Contributors:
https://wiki.opnfv.org/display/fds
OPNFV FastDataStacks project – Timeline...
Colorado 3.0 Danube 1.0 Danube 2.0 Euphrates 1.0
(Dec/2016) (March/2017) (May/2017) (November/2017)
- Enhanced O/S- - Enhanced O/S- - Enhanced O/S- - Enhanced O/S-
ODL(L2)-VPP stack ODL(L3)-VPP ODL(L3/L2)-VPP ODL-VPP stack:
(Infra complete: stack (Infra stack: HA for DVR with VPP
Neutron / GBP Mapper complete: OpenStack and (pure L3 for east-
/ GBP Renderer / VBD Neutron / GBP ODL (clustering) west and north-
/ Honeycomb / VPP) Mapper / GBP south
- Enhanced system-level Renderer / VBD / communication);
testing Honeycomb / Dynamic VXLAN-
- L2 networking using VPP) tunnel control via
ODL (incl. east-west - L2 and L3 LISP
security groups), L3 networking
networking uses using ODL (incl.
qrouter/OVS east-west
security groups)
- O/S-VPP (Infra:
Neutron ML2-VPP /
Networking-vpp-agent /
VPP)
- Automatic Install,
Overlays: VLAN
Building/evolving features means contributing upstream
Team Up To Drive Required Change Upstream
Swimming upstream Swimming upstream Team-up to increase

is hard is dangerous the likelihood to succeed
Iterate.
Choice of existing and new components,
System state definition
Integrate & build* Test on

as a system reference system(s)
Lab3
Install on
Lab2
reference Lab1
system(s)
*OPNFV currently composes builts from

existing artifacts (e.g. RPMs) rather Lab1 Lab3 OPNFV CI/CD Projects:
than builds from source Lab2
Octopus, Releng
OPNFV CI/CD – Project CI
Google Cloud
Storage
Patch Verified Poll changes Upload ISO

+1/-1 Clone repo
Build
new yes
Build
changes?
Build
Build Server
Patchset Push Image

Verification
no
Docker
Hub
OPNFV CI/CD – Platform CI
Google Cloud Docker Docker
Storage Hub Hub
Pull Down Pull Down

Download
Functest Image Yardstick Image
ISO
Labs connected 24x7

using JNLP
Initiate Deploy Functest Yardstick

Run for certain
Scenario
Jumphost
Pharos POD
(SUT)
OPNFV Development Workflow
Project Team OPNFV Gerrit OPNFV CI/Test OPNFV Release Upstream Gerrit Upstream CI/Test Upstream Release
Requirement
Patch
Test Test
Release
Fast feedback
Document
Downstream
Test
Release
• Longdevelopment
Fast developmentcyclecycle
• Fast feedback,
Downstream will< delay
1 day to next release
• OPNFV
Slow specific>issues
feedback, can be
5 months
• OPNFV specific in
tested/detected issues
time; cannot be
• Correction in same
tested/detected in time
release
Cross Community CI (XCI)
contribute contribute contribute contribute
pull from master, deploy, test

and/or
verify patchset, post feedback
Deploy – Develop - Test
Pharos Project: Community Labs
Goals:
• Facilitate collaborative testing
• Provide developers with

substantial resources
• Ensure OPNFV applicability

across architectures,
environments and vendors
• Create more robust, interoperable https://www.opnfv.org/developers/pharos

releases
https://wiki.opnfv.org/display/pharos/Pharos+Home
Infrastructure – Distributed Pharos Labs
• Facilitate collaborative testing
• Ensure OPNFV applicability across architectures, environments and vendors
• Create more robust, interoperable releases

https://www.opnfv.org/developers/pharos
https://wiki.opnfv.org/display/pharos/Pharos+Home
Pharos Architecture
Infrastructure Homogeneity
Lab as a Service
Resources booked via dashboard
CI/CD Dynamic Resource Allocation
Dedicated Resources
Installer X
Scenario A
Dedicated Resources
Resources Dynamically Allocated
Installer Y Scenario B
OPNFV – testing and integration project
NFV orchestration
Virtualized Network Functions
VNF VNF VNF VNF
Cloud Management
Infrastructure
Virtualization
Types of testing
Functional Performance Stress Security
Infrastructure Network Network Upgradability

Features Storage Storage
Components Compute Compute
Backup&Restore
VNF Virtual layer …
MANO Traffic gen.
… … .
.
.
OPNFV Test Ecosystem
Test:
Functional Testing: Example Project FuncTest
vPing SSH ODL suite Promise
Verify private & public Robot framework, ODL Resource reservation and
connectivity
functional testing management project
vPing userdata
Verify nova-metadata ONOS suite Doctor
service and private TestON framework Fault management and
connectivity
maintenance project
Tempest test
OpenStack native tests vIMS BGPVPN
(200+ tests) OpenStack
OpenSource solution by
Clearwater Neutron BGPVPN project
Rally bench tests integration
Benchmark the
OpenStack deployment
System-Level testing: Example Project YardStick
Pre-Deployment
validation of NFVI
YardStick Test-Framework
ETSI GS - System under Test (SUT)
NFV-TST001 1. Define infrastructure
Configure - Deployment rules
Control plane/User plane
Chapter 6 Main components
2. Identify VNF
Pre-Deployment Real time constraints
type Hardware
validation Metrics - Generate template or
of NFV Deploy - External templates
3. Select Test Cases
infrastructure
Test cases 1 … N - Execute benchmarks
4. Execute Tests Test stimuli - Trigger External scripts
Test environment Test for SUT disturbances
- Collect results
5. Collect Results
- Graphical results
6. Integrate VNF Validate - Assertion
application
Performance/Speed Capacity/Scale Reliability/Availability
Compute - Latency for random memory access - Number of cores and threads - Processor availability (Error free
- Latency for cache read/write operations - Available memory size processing time)
- Processing speed (instructions per second) - Cache size - Memory availability (Error free
-Throughput for random memory access - Processor utilization (max, average, standard memory time)
(bytes per second) deviation) - Processor mean-time-to-failure
- Memory utilization (max, average, standard - Memory mean-time-to-failure
deviation) - Number of processing faults per
- Cache utilization (max, average, standard second
deviation)
Network - Throughput per NFVI node (frames/byte - Number of connections - NIC availability (Error free connection
per second) - Number of frames sent/received time)
- Throughput provided to a VM - Maximum throughput between VMs (frames/byte - Link availability (Error free
(frames/byte per second) per second) transmission time)
- Latency per traffic flow - Maximum throughput between NFVI nodes - NIC mean-time-to-failure
- Latency between VMs (frames/byte per second) - Network timeout duration due to link
- Latency between NFVI nodes - Network utilization (max, average, standard failure
- Packet delay variation (jitter) between deviation) - Frame loss rate
VMs - Number of traffic flows
- Packet delay variation (jitter) between
NFVI nodes
Storage - Sequential read/write IOPS - Storage/Disk size - Disk availability (Error free disk access
- Random read/write IOPS - Capacity allocation (block-based, object-based) time)
- Latency for storage read/write operations - Block size - Disk mean-time-to-failure
- Throughput for storage read/write - Maximum sequential read/write IOPS - Number of failed storage read/write
operations - Maximum random read/write IOPS operations per second
- Disk utilization (max, average, standard deviation)
Test Dashboards
Test Dashboards
Operations and Troubleshooting support:
Operating OpenStack Networking is not that simple
https://www.openstack.org/videos/video/troublesho
oting-neutron-physical-and-virtual-networks
(“Operations War Stories” from OS Summit)
OPNFV Project Calipso
• Solves virtual networking discovery issues
• Monitoring support for ‘day2 net operations’
• Discover, Analyze, Monitor, Visualize
• Substantially lowering administration overhead for maintenance and
troubleshooting cycles in cloud environments ( < 90% for discovery, analysis
and monitoring of v-nets)
• Highly Customized and Modeled
• calipso.io and
http://docs.opnfv.org/en/stable-
euphrates/submodules/calipso/docs/release/monitoring-guide.html
Calipso
Calipso
Calipso feature set today (‘out of the box’):
• Auto-discovery of virtual networking components, their detailed data for K8S and OpenStack
• Auto-discovery and end-to-end monitoring for virtual-physical-virtual for ACI/APIC use-cases
• Analysis of inter-connections and dependency (links) with embedded impact analysis
• Monitoring of virtual networking objects and links for health and status, some statistics
• Visualization of topologies, statuses, settings, browsing tree and an embedded search engine.
• API for Eco-system integrations.
• Support multi-region and multi-tenancy in multiple OpenStack, K8s environments
• Integrated monitoring and a plug-in framework, ready for many type of devices
• A unified ‘all-in-one’ Installer for simple deployment.
• Modeled, Federated and customized, ‘model driven design’ and ‘micro-services’ architectures.
OPNFV NFVbench:
Evaluating NFVI performance
• Full-Stack NFV blackbox NIC NFVbench (with Trex)
NFV-benchmark:
NFVbench tool
NIC VPP VNF1 Compute 1
• Different connection scenarios HoneyComb Nova
(PVP, PVVP, ..)
• Different traffic patterns UCS-B
Fabric NIC VPP VNF2 Compute 2
• NDR/PDR detection HoneyComb Nova
Switch
• Different VNFs
• Compare a FastDataStack to NIC VPP Controller

HoneyComb Controller UnderCloud
legacy stacks with other virtual
switches, e.g. OVS
NIC Jumphost
OverCloud
FastDataStack
full NFV stack deployment
An NFV Solution Stack is only as good as its foundation
OPNFV Releases
OPNFV Release History
June 4, 2015 March 1, 2016 September 26, 2016 April 4, 2017
Baseline foundation of Massively parallel simultaneous Platform support for NFV Brings together end-to-end
components necessary to build release process. applications and key networking stacks, including
an NFV platform from upstream Advancements in infrastructure, improvements in services and MANO, data plane
components processes, and upstream support acceleration, and architecture
collaboration advancements.
OPNFV Danube (April 2017)
• The only platform that brings together elements across multiple end-to-end open
networking stacks
• Foundational support and introduction of capabilities for MANO including integration
with ONAP (Open-O)
• Enhanced DevOps automation and testing methodologies, including performance and
benchmarking test suites
• Architectural improvements including greater network control flexibility, HA, and
multisite improvements
• Focus on NFV performance including acceleration of the data plane via FD.io
integration and enhancements to OVS-DPDK and KVM
• Feature enrichment and maturity in core NFVI/VIM functionality such as IPv6, Service
Function Chaining (SFC), L2 and L3 Virtual Private Network (VPN), fault management
and analysis, and a continued commitment to support multiple hardware architectures
OPNFV Euphrates (October 2017)
• Introduces Kubernetes container orchestration engine as an
alternative VIM, and with SDN controllers including basic Focus on Analytics and Benchmarking
functional and performance testing capabilities. A containerized
version of OpenStack simplifies OpenStack lifecycle management. • Barometer
(CollectD for OPNFV)
• Integrates cross-community continuous integration (XCI), where • VNF Event Stream (VES)
the OPNFV CI pipeline integrates the latest upstream code, • Bamboo
reducing feedback time on a new feature or bug-fix from months
to days. (PNDA.io for OPNFV)
• Virtual Infrastructure
• Delivers an extensive set of tools to test the NFVI/VIM layer (i.e. Networking Assurance
NFV cloud), VNFs and complete network services. With two new (Calipso)
projects: SampleVNF and NFVbench
• NFVbench (Full Stack NFVI
• Includes new carrier-grade features through a new project, one-shot benchmarking)
Calipso, where operators gain visibility to their complex virtual • Yardstick
networks and access powerful service assurance framework.
• Qtip
• Performance improvements on the ARM architecture and in L3
performance with FD.io; new security, SFC, FD.io and EVPN
features.
OPNFV and ONAP: Thoughts on alignment
Develop.Integrate: XCI:
Management & Deploy.Test
Orchestration: (OPNFV, ODL, ONAP,
FD.io, PNDA.io, ...)
Develop.Integrate:
NFV-I
Example:
The OPNFV
FastDataStacks project
Foundational Assets For NFV Infrastructure:
A stack is only as good as its foundation
• Virtual Forwarder Service WorkFlow App
• Feature rich, high performance, Model Topology Intent
highly scalable virtual switch-router
• Leverages hardware accelerators
• Runs in user space
Service/WF Life Cycle
Manager
• Modular and easy extensible
• Forwarder Diversity: Hardware and Software Virtual Machine/Container

• Virtual Domains link and interact with physical Life Cycle Manager
domains
• Domains and Policy Network Controller
• Connectivity should reflect business logic Forwarder – Switch/Router
instead of physical L2/L3 constructs
Networking Foundation for NFV Infrastructure
Choices
• VPP
• Highly scalable, high
performance, extensible virtual
forwarder
• OpenDaylight
• Extensible controller platform
• Decouple business logic from
network constructs: Group
Based Policy as mediator
between business logic and
network constructs
• Support for a diverse set of
network devices
• Clustering for HA
Introducing Vector Packet Processor - VPP
• VPP is a rapid packet processing development platform for
highly performing network applications
NC/Y REST ...
• 14+ MPPS, single core
• Multimillion entry FIBs Management Agent
• 480Gbps bi-dir on 24 cores
• Runs on commodity CPUs and leverages DPDK

• Creates a vector of packet indices and processes them
using a directed graph of nodes – resulting in a highly
performant solution.
• Runs as a Linux user-space application
• Ships as part of both embedded & server products, in
volume;
Packet Processing: VPP
• Active development since 2002
Network IO
• See also: FD.IO (The Fast Data Project)

VPP Performance at Scale Phy-VS-Phy
IPv6, 24 of 72 cores IPv4+ 2k Whitelist, 36 of 72 cores Zero-packet-loss Throughput

for 12 port 40GE
[Gbps]] [Gbps]]
600.0 600
Hardware:
400.0 400 Cisco UCS C460 M4
200.0 200 Intel® C610 series chipset
0.0 1518B 0 4 x Intel® Xeon® Processor E7-8890
64B 64B v3
(18 cores, 2.5GHz, 45MB Cache)
2133 MHz, 512 GB Total
9 x 2p40GE Intel XL710
18 x 40GE = 720GE !!
480Gbps zero frame loss IMIX => 342 Gbps,1518B => 462 Gbps
Latency
18 x 7.7trillion packets soak test
[Mpps] [Mpps] Average latency: <23 usec
300.0 300
Min Latency: 7…10 usec
200.0 200 Max Latency: 3.5 ms
100.0 100
Headroom
0.0 1518B 0
Average vector size ~24-27
64B 64B
Max vector size 255
Headroom for much more
throughput/features
NIC/PCI bus is the limit not vpp
200Mpps zero frame loss 64B => 238 Mpps
NFV is about forwarding delay:
VPP means low delay
Min Delay
• Low long-term max packet delay Average Delay < 10 usec Max Delay
with FD.io VPP
• 0.007ms < 0.023ms < 3.5ms
< 23 usec < 3.5 msec
• Other vSwitches
• >120ms long term max delay
• Tests environment
• stock Ubuntu 14.04.03 LTS Kernel:
3.13.0-63-generic (no Linux tuning)
• Cisco UCS C460 M4 (4 x Intel® Xeon®
Processor E7-8890 v3 (18 cores,
2.5GHz, 45MB Cache), 9 x 2p40GE
Intel XL710)
VPP Features as of 17.01 Release
Hardware Platforms Routing Switching Network Services
IPv4/IPv6 VLAN Support DHCPv4 client/proxy
Pure Userspace - X86,ARM 32/64,
14+ MPPS, single core Single/ Double tag DHCPv6 Proxy
Power, Raspberry Pi
Hierarchical FIBs L2 forwd w/EFP/BridgeDomain concepts MAP/LW46 – IPv4aas
Multimillion FIB entries VTR – push/pop/Translate (1:1,1:2, 2:1,2:2) MagLev-like Load
Source RPF Mac Learning – default limit of 50k addr Identifier Locator Addressing
Interfaces Thousands of VRFs Bridging NSH SFC SFF’s & NSH Proxy
Controlled cross-VRF lookups Split-horizon group support/EFP Filtering LLDP
DPDK/Netmap/AF_Packet/TunTap BFD
Vhost-user - multi-queue, reconnect, Multipath – ECMP and Unequal Cost Proxy Arp
Arp termination Policer
Jumbo Frame Support Multiple million Classifiers –
IRB - BVI Support with RouterMac assigmt
Flooding Arbitrary N-tuple
Language Bindings Segment Routing Input ACLs
Interface cross-connect
C/Java/Python/Lua SR MPLS/IPv6 L2 GRE over IPSec tunnels Inband iOAM
Including Multicast
Telemetry export infra (raw IPFIX)
iOAM for VXLAN-GPE (NGENA)
Tunnels/Encaps LISP Security SRv6 and iOAM co-existence
iOAM proxy mode / caching
Mandatory Input Checks:
GRE/VXLAN/VXLAN-GPE/LISP-GPE/NSH LISP xTR/RTR iOAM probe and responder
TTL expiration
IPSEC L2 Overlays over LISP and header checksum
Including HW offload when available GRE encaps L2 length < IP length
Multitenancy ARP resolution/snooping
Multihome ARP proxy Monitoring
MPLS Map/Resolver Failover SNAT
Source/Dest control plane support Ingress Port Range Filtering Simple Port Analyzer (SPAN)
MPLS over Ethernet/GRE Map-Register/Map-Notify/ Per interface whitelists IP Flow Export (IPFIX)
Deep label stacks supported ‘ RLOC-probing Policy/Security Groups/GBP Counters for everything
(Classifier) Lawful Intercept
Rapid Release Cadence – ~3 months
17-04 17-07
16-09 17-01
Release: Release:
Release: Release:
VPP, Honeycomb, VPP, Honeycomb,
VPP, Honeycomb, VPP, Honeycomb,
NSH_SFC, ONE… NSH_SFC, ONE
NSH_SFC, ONE NSH_SFC, ONE
16-09 NewFeatures 17-01 New Features 17-04 New Features 17-07 New Features
VPP Userspace Host Stack VPP Userspace Host Stack

Enhanced LISP support for Hierarchical FIB TCP stack Improved Linux Host Stack Compatibility
L2 overlays Performance Improvements DHCPv4 & DHCPv6 relay/proxy Improved loss recovery (RFC5681, RFC6582,
Multitenancy DPDK input and output nodes ND Proxy RF6675)
Multihoming L2 Path SNAT Basic implementation of Eifel detection
Re-encapsulating Tunnel IPv4 lookup node CGN: port allocation & address pool algorithm (RFC3522)
Routers (RTR) support IPSEC Performance CPE: External interface Interfaces
Map-Resolver failover SW and HW Crypto Support NAT64, LW46 memif: IP mode, jumbo frames, multi queue
algorithm HQoS support Segment Routing Network Features
New plugins for Simple Port Analyzer (SPAN) SRv6 Network Programming MPLS Multicast FIB
SNAT BFD, ACL, IPFIX, SNAT SR Traffic Engineering BFD FIB integration
MagLev-like Load L2 GRE over IPSec tunnels SR LocalSIDs NAT64 support
Identifier Locator LLDP Framework to expand LocalSIDs GRE over IPv6
Addressing LISP Enhancements w/ plugins LISP
NSH SFC SFF’s & NSH Source/Dest control plane iOAM - NSH support
Proxy L2 over LISP and GRE UDP Pinger - L2 ARP
Port range ingress filtering Map-Register/Map-Notify IOAM as type 2 metadata in NSH ACL multi-core suuport
Dynamically ordered RLOC-probing Anycast active server selection GTP-U support
subgraphs Flow Per Packet IPFIX Improvements (IPv6)
Control & configuration plane for VPP: Honeycomb
A generic, model driven (YANG) management agent
• Northbound interfaces:
• RESTCONF
• NETCONF
• Generic data processing layer (transaction

management, validation)
• Data processing layer: Pipeline processing data from
northbound interfaces down to translation layer
• Translation layer: Invoked by above layer to handle
configuration updates or when polling operational state
from VPP. Specific translation code lives in this layer in
a form of extensions/plugins
• Extensible, pluggable translation layer to handle

resulting data in any way
HoneyComb
HoneyComb – Key Features
• Key Features:
• Config, Operational, Context data processing, Persistence & Reconciliation, Rollback,
CRUD operations on data, Notifications, Simple JSON plugin configuration
• Infrastructure:
• Utilizes existing Opendaylight components and tools:
• Yangtools, MD-SAL, Netconf, Restconf
• Does not use ODL’s config subsystem, OSGi or any other container
• Wired into a special data processing pipeline
• Running in a JVM
• Reduced Footprint (compared to ODL)

• < 100Mb RAM, < 10sec Startup time, < 30Mb of disk
Group Based Policy in Open Daylight
Group policy for generic “end points”
• Application-focused policy expressions:
Policies mirror application semantics.
Capture policy requirements without
detailed knowledge of networking.
• Improved automation: Grouping constructs
allow higher level automation tools to easily
manipulate groups of network endpoints
simultaneously.
• Consistent policy by grouping end points and
applying policy to groups
• Extensible because of implementation
independence, hence applicable to policy for
connectivity, security, L4-7, QoS, etc.
See also: https://wiki.opendaylight.org/view/Group_Policy:Main
OK. Ready to integrate!
Evolving The OPNFV Scenario Set
• OPNFV uses “scenarios” (i.e. Category
Components in
compositions of features and their OPNFV
configuration) as key release vehicle Install Tools
Apex, Compass,
Fuel, Juju
• Let‘s create a new stack which
significantly evolves networking for NFV VM Control OpenStack
• Introduce Scenarios with VPP for OPNFV OpenDaylight,

Network Control
• os-nosdn-fdio-noha, os-nosdn-fdio-ha ONOS, OpenContrail
• os-odl_l2-fdio-noha, os-odl_l2-fdio-ha
Hypervisor KVM, KVM4NFV
• os-odl_l3-fdio-noha, os-odl_l3-fdio-ha
Forwarder OVS, OVS-DPDK + VPP
OPNFV FastDataStacks (FDS)
• Integrate VPP into existing
OPNFV scenarios
Install Tools Apex Apex Apex
• Initial scenarios
VM Control OpenStack OpenStack OpenStack
• OpenStack – VPP
OpenDaylight OpenDaylight
Network Control
• ... L2 L3
• Diverse set of contributors: Hypervisor KVM KVM KVM
Forwarder VPP VPP VPP

• https://wiki.opnfv.org/display/fds
FastDataStacks Component Development:
Direct Integration of VPP with OpenStack
...
• OpenStack
• Networking-vpp ML2 driver Neutron
ML2-driver: networking-vpp
• FD.io
• VPP – Enhancements
• CSIT – VPP component tests etcd
• OPNFV
• Overall System Composition – Integration into CI/CD
• Installer: Integration of VPP into APEX
• System Test: FuncTest and Yardstick system test ML2-agent
application to FDS VPP
DPDK
System Install System Test

(APEX) (FuncTest, Yardstick)
See also:
FDS Architecture: https://wiki.opnfv.org/display/fds/OpenStack-ODL-VPP+integration+design+and+architecture
Networking-vpp: overall architecture
Neutron Server
ML2 VPP journaling

Mechanism Driver
VM VM VM VM VM VM
HTTP/json
vhostuser vhostuser
VPP Agent
VPP Agent
VPP VPP
dpdk dpdk
Compute Node Compute Node
vlan / flat network

FastDataStacks: OS – FD.io
Example: 3 node setup: 1 x Controller, 2 x Compute
Internet
External network i/f

Controlnode-0
OVS (br-ex)
OpenStack Services qrouter (NAT)

Computenode-0 Neutron Server Computenode-1
ML2 VPP
tap
Mechanism Driver
ML2 Agent tap Bridge ML2 Agent

DHCP ML2 Agent
Domain VPP
Tenant network i/f

Tenant network i/f
Tenant network i/f
vhost- Bridge Bridge vhost-

VM 1 user Domain Domain user VM 2
VPP VPP
VLAN / Flat network
Networking-vpp: current feature set
• Network types • Layer 3 Networking
• VLAN: supported since version 16.09 • North-South Floating IP
• VXLAN-GPE: supported since version 17.04 • North-South SNAT
• East-West Internal Gateway
• Port types
• VM connectivity done using fast vhostuser • Robustness
interfaces • If Neutron commits to it, it will happen
• TAP interfaces for services such as DHCP • Component state resync in case of failure: recovers
from restart of Neutron, the agent and VPP
• Security
• Security-groups based on VPP stateful ACLs
• Port Security can be disabled for true fastpath
• Role Based Access Control and secure TLS
connections for etcd
• JSON Web Token (RFC 7519) with X.509
Certificate
• Tap as a Service (scheduled for 17.10)
Networking-vpp: port creation process
1 5
networking-vpp/nodes/vpp-
rocks/ports/c367e21f-ae39-4549-b87d- Request Notification
2e69636155c6
{"allowed_address_pairs": [], "segmentation_id":

194, "mtu": 1500, "binding_type": "plugtap",
"physnet": "physnet", "mac_address":
"fa:16:3e:03:ce:ff", "port_security_enabled": false, Neutron Server 1
"fixed_ips": [{"subnet_id": "006fce47-6072-4099-
a695-c3caa140fff7", "ip_address": "10.0.0.2"},
{"subnet_id": "81b2fbdc-c350-4f35-9b9b- ML2 VPP
909cf33a4426", "ip_address": Mechanism Driver
"fd59:3bf6:c35d:0:f816:3eff:fe03:ceff"}],
"network_type": "vlan", "security_groups": []}
VM
2
3
vhostuser 2
5
VPP Agent
3
VPP
dpdk
/networking-vpp/state/vpp-rocks/ports/d2069a46-3a47-4ec7-94fb-
4
3b1bcd4c6dc0
Compute Node
{"net_data": {"segmentation_id": null, "if_physnet": "tap-2", "bridge_domain_id": 3,
"if_uplink_idx": [3], "network_type": "flat", "physnet": "physnet"}, "bind_type":
"plugtap", "ext_tap_name": "tapd2069a46-3a", "mac": "fa:16:3e:5d:fe:c4",
"bridge_name": "br-d2069a46-3a", "int_tap_name": "vppd2069a46-3a", "iface_idx":
6}
FastDataStacks Component Development
Controller-based integration of VPP with OpenStack
...
• OpenDaylight
• GBP Neutron Mapper Neutron
• GBP Renderer Manager enhancements REST
• VPP Renderer Neutron NorthBound

• Virtual Bridge Domain Mgr / Topology Manager GBP Neutron Mapper
• FD.io GBP Renderer Manager
• HoneyComb – Enhancements VPP renderer Topology Mgr - VBD
• VPP – Enhancements
Netconf/YANG
• CSIT – VPP component tests
Honeycomb (Dataplane Agent)
• OPNFV VPP
• Overall System Composition – Integration into CI/CD DPDK
• Installer: Integration of VPP into APEX
• System Test: FuncTest and Yardstick system test application to System Install System Test
(APEX) (FuncTest, Yardstick)
FDS
See also:
FDS Architecture: https://wiki.opnfv.org/display/fds/OpenStack-ODL-VPP+integration+design+and+architecture
FastDataStacks: OS – ODL(L2) – FD.io
Internet

Controlnode-0
OVS (br-ex)
OpenStack Services qrouter (NAT) Network Control

Computenode-0 Computenode-1
tap
HoneyComb tap Bridge HoneyComb

DHCP VPP HoneyComb
Domain
Tenant network i/f

Tenant network i/f
Tenant network i/f
vhost- Bridge VXLAN VXLAN Bridge vhost-

VXLAN
VPP VPP
FastDataStacks: OS – ODL(L3) – FD.io
Internet

Controlnode-0
OpenStack Services Network Control

Computenode-0 Computenode-1
HoneyComb tap Bridge HoneyComb

DHCP VPP HoneyComb
Domain
Tenant network i/f

Tenant network i/f
Tenant network i/f
vhost- Bridge VXLAN VXLAN Bridge vhost-

VXLAN
VPP VPP
Example: Creating a Neutron vhostuser port on VPP
POST PORT
Neutron (id=<uuid>, host_id=<vpp>, vif_type=vhostuser)
Update Port
Neutron NorthBound
Map Port to GBP Endpoint
GBP Neutron Mapper Update/Create Policy involving GBP Endpoint
Resolve Policy
GBP Renderer Manager
Apply policy, update nodes
VPP Renderer
configure Bridge domain and tunnel config
Netconf/ interfaces over
YANG Netconf Topology Manager (vBD)
Netconf/ Configure bridge domain on
YANG nodes over NetConf
Honeycomb Honeycomb
VM vhostuser VXLAN Tunnel
VPP 1 VPP 2
Let’s install an OPNFV Solution Stack:
Using APEX/TripleO Installer to install a FastDataStack
Apex Installer
• Apex is an OPNFV Installation and Deployment tool based on the RDO
Project's Triple-O OpenStack installation tool
• Triple-O is an image based life cycle deployment tool that is a member of the
OpenStack Big Tent Governance
• https://wiki.opnfv.org/display/apex
• https://wiki.opnfv.org/display/apex/Integration+Guide
APEX Install & Build Undercloud VM
OpenStack
NIC 0
Admin
NIC 2
APEX / TripleO
• Jump Host Setup
• Apex ISO
• CentOS Virtualization Host +
Apex RPMs Public
Overcloud Controller
• Git Repo (local build) OpenStack Services
NIC 0
OpenDaylight
• Build artifacts: FD.io: Honeycomb, VPP NIC 1
• CentOS ISO qrouter

Tenant
OVS (br-ext) NIC 2
• Apex RPMs
• Undercloud libvirt image
Overcloud Compute 1..N
• Glance overcloud images Nova compute
NIC 0
FD.io: Honeycomb, VPP NIC 1
Apex: Deployment
Jump Host
Jump Host
Libvirt image → Undercloud VM
Apex:Deployment
Apex: Deployment
Jump Host
Undercloud (VM)
Glance images → OPNFV (overcloud)
Apex: Deployment
Jump Host
OPNFV
OPNFVControl
OPNFVControl
Control
Undercloud (VM)
OPNFV
OPNFVCompute
OPNFVCompute
Compute
“Overcloud”
Apex: Deployment
APEX deploy command:
3 config files
nohup opnfv-deploy --debug -n /etc/opnfv-

apex/network_settings.yaml -d /etc/opnfv-apex/os-odl_l2-
fdio-noha.yaml -i /etc/opnfv-apex/inventory.yaml &
Example:
/etc/opnfv-apex/os-odl_l2-fdio-noha.yaml
global_params:
ha_enabled: false
deploy_options:
sdn_controller: opendaylight #Use OpenDaylight as network controller
sdn_l3: false
odl_version: boron #OpenDaylight Boron is required for FDS
tacker: true
congress: true
sfc: false
vpn: false
vpp: true #use VPP
dataplane: fdio #use VPP for communication between compute nodes
performance:
Controller:
kernel:
hugepages: 1024 #VPP setups default to 1024
hugepagesz: 2M
intel_iommu: 'on'
iommu: pt
Compute:
kernel:
hugepagesz: 2M
hugepages: 2048 #Should be as high as possible for the compute nodes
intel_iommu: 'on' #enable IOMMU
iommu: pt #IOMMU pass through mode – disable IOMMU for the hypervisor
Deployment done!
root@pirl-opnfv: tail -5 nohup.out

== Keystone users ==
Warning keystonerc not sourced
Undercloud IP: 192.168.122.7, please connect by doing 'opnfv-util undercloud'
Overcloud dashboard available at http://192.168.3.85/dashboard
INFO: Post Install Configuration Complete
Ready...
Let’s use our “FastDataStack” OPNFV Solution
Running a FastDataStack (1/2)
1. Get an image
wget -O /tmp/cirros-0.3.4-x86_64-disk.img http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
2. Upload the image into Glance and make it support hugepages

glance image-create --name "cirros-0.3.4-x86_64" --file /tmp/cirros-0.3.4-x86_64-disk.img --disk-format qcow2
--container-format bare --visibility public--progress
glance image-update --property hw_mem_page_size=large ad74564d-fd22-414b-9fa3-619e87f781a9
3. Create a flavor with hugepages enabled

nova flavor-create --is-public true opnfv 42 768 1 1
nova flavor-key opnfv set hw:mem_page_size=large
4. Create a Neutron network

neutron net-create vxlannet --provider:network_type vxlan
Running a FastDataStack (2/2)
5. Assign a Subnet to your network
neutron subnet-create vxlannet 10.11.12.0/24 --name vxlansubnet
6. Create a Neutron Router

neutron router-create r1
neutron router-interface-add r1 subnet=vxlansubnet
neutron router-gateway-set r1 external
7. (Optional) Create Ports for your VMs

neutron port-create vxlannet --name vm-compute-0-1-port
neutron port-create vxlannet --name vm-compute-1-1-port
(booting the VMs will do this for you)
8. Boot your VMs

nova boot --image cirros-0.3.4-x86_64 --flavor opnfv
--nic port-id=`neutron port-list | grep vm-compute-0-1-port | cut -f 2 -d " "` vm-compute-0-1
--availability-zone nova:overcloud-novacompute-0.localdomain.com
nova boot --image cirros-0.3.4-x86_64 --flavor opnfv
--nic port-id=`neutron port-list | grep vm-compute-1-1-port | cut -f 2 -d " "` vm-compute-1-1
--availability-zone nova:overcloud-novacompute-1.localdomain.com
Network Setup Complete:
Example OpenStack Perspective: Check your ports
[root@overcloud-controller-0 ~]# neutron port-list

+------------------+------------------+------------------+---------------------+
| id | name | mac_address | fixed_ips |
+------------------+------------------+------------------+---------------------+
| 8904fbf0-5a9b- | | fa:16:3e:8c:8f:f | {"subnet_id": "1e9a |
| 48f2-b88f- | | 2 | 5a26-478e-4837-a659 |
| e115093d2594 | | | -ca7f6105a7e3", | DHCP tap port
| | | | "ip_address": |
| | | | "10.11.12.2"} |
| 9bf477cb-a016 | vm- | fa:16:3e:db:e5:0 | {"subnet_id": "1e9a |
| -407e-a97a- | compute-0-1-port | 2 | 5a26-478e-4837-a659 |
| 7f15b35c3bad | | | -ca7f6105a7e3", | Port for VM #1
| | | | "ip_address": |
| | | | "10.11.12.3"} |
| b504c2a4-6c6c-41 | vm- | fa:16:3e:99:24:4 | {"subnet_id": "1e9a |
| c0-b011-a3e747c6 | compute-1-1-port | 1 | 5a26-478e-4837-a659 | Port for VM #2
| 3568 | | | -ca7f6105a7e3", |
| | | | "ip_address": |
| | | | "10.11.12.4"} |
| f70a5d22-e6cd- | | fa:16:3e:3f:50:e | {"subnet_id": "1e9a |
| 4c36-8b7c- | | 4 | 5a26-478e-4837-a659 | qrouter tap port
| 66ddd14c469f | | | -ca7f6105a7e3", |
| | | | "ip_address": |
| | | | "10.11.12.1"} |
+------------------+------------------+------------------+---------------------+
ODL – Active
Example Network Topology
ODL Perspective: Active Network Topology
[root@overcloud-controller-0 ~]# curl -XGET -u admin:admin http://localhost:8081/restconf/operational/network-
topology:network-topology/ | python -mjson.tool
{
"network-topology": {
"topology": [
{
"link": [
{
"destination": {
"dest-node": "overcloud-novacompute-0.opnfvapex.com",
"dest-tp": "vxlan_tunnel5"
},
"link-id": "overcloud-novacompute-1.opnfvapex.com-1-overcloud-novacompute-0.opnfvapex.com",
"source": {
"source-node": "overcloud-novacompute-1.opnfvapex.com",
"source-tp": "vxlan_tunnel4"
},
"vbridge-topology:tunnel": "vxlan_tunnel4"
},
{
"destination": {
"dest-node": "overcloud-controller-0.opnfvapex.com",
"dest-tp": "vxlan_tunnel4"
},
"link-id": "overcloud-novacompute-0.opnfvapex.com-1-overcloud-controller-0.opnfvapex.com",
"source": {
"source-node": "overcloud-novacompute-0.opnfvapex.com",
"source-tp": "vxlan_tunnel4"
},
"vbridge-topology:tunnel": "vxlan_tunnel4"
},
[... abbreviated ...]
Example HoneyComb Perspective: Interfaces
[root@overcloud-controller-0 ~]# curl -XGET -v -u admin:admin http://localhost:8182/restconf/config/ietf-interfaces:interfaces/ | python -m json.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* About to connect() to localhost port 8182 (#0)
* Trying ::1...
* Connection refused
* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8182 (#0)
* Server auth using Basic with user 'admin'
> GET /restconf/config/ietf-interfaces:interfaces/ HTTP/1.1
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.29.0
> Host: localhost:8182
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Sun, 18 Sep 2016 10:29:10 GMT
< Content-Type: application/yang.data+json
< Transfer-Encoding: chunked C0 C1
< Server: Jetty(9.3.11.v20160721)
<
{ [data not shown]
100 1499 0 1499 0 0 150k 0 --:--:-- --:--:-- --:--:-- 162k
* Connection #0 to host localhost left intact
{
"interfaces": {
"interface": [
{
"description": "neutron port", Ctl
"enabled": true,
"link-up-down-trap-enable": "enabled",
"name": "neutron_port_f70a5d22-e6cd-4c36-8b7c-66ddd14c469f",
"type": "v3po:tap",
"v3po:l2": {
"bridge-domain": "fea5f755-6457-4ff5-a4a1-e6404e6b6407"
},
"v3po:tap": {
"mac": "fa:16:3e:3f:50:e4",
"tap-name": "qr-f70a5d22-e6" QR DHCP
}
},
Example VPP perspective - vppctl show int addr
[root@overcloud-controller-0 ~]# vppctl show int addr

TenGigabitEthernet7/0/0 (up):
192.168.0.23/24
local0 (dn):
tap-0 (up):
l2 bridge bd_id 1 shg 0
tap-1 (up):
vxlan_tunnel0 (up):
vxlan_tunnel1 (up):
VMs up and running – Ready to Ping 
[root@overcloud-controller-0 ~]# nova list
+--------------------------------------+----------------+--------+------------+-------------+---------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+----------------+--------+------------+-------------+---------------------+
| 78a2a66d-b73c-470d-9359-5bd0a9076e61 | vm-compute-0-1 | ACTIVE | - | Running | vxlannet=10.11.12.3 |
| 05413042-1446-4cf0-ac93-9f2ba3dcf984 | vm-compute-1-1 | ACTIVE | - | Running | vxlannet=10.11.12.4 |
+--------------------------------------+----------------+--------+------------+-------------+---------------------+
OPNFV FastDataStacks project – Timeline...
Colorado 1.0 Colorado 3.0 Danube 1.0 Danube 2.0 Euphrates 1.0
(Sep/2016) (Dec/2016) (March/2017) (May/2017) (November/2017)
- Base O/S- - Enhanced O/S- - Enhanced O/S- - Enhanced O/S- - Enhanced O/S-
ODL(L2)-VPP ODL(L2)-VPP stack ODL(L3)-VPP ODL(L3/L2)-VPP ODL-VPP stack:
stack (Infra: (Infra complete: stack (Infra stack: HA for DVR with VPP
Neutron / GBP Neutron / GBP Mapper complete: OpenStack and (pure L3 for east-
Mapper / GBP / GBP Renderer / VBD Neutron / GBP ODL (clustering) west and north-
Renderer / VBD / / Honeycomb / VPP) Mapper / GBP south
Honeycomb / - Enhanced system-level Renderer / VBD / communication);
VPP) testing Honeycomb / Dynamic VXLAN-
- Automatic Install - L2 networking using VPP) tunnel control via
- Basic system- ODL (incl. east-west - L2 and L3 LISP
level testing security groups), L3 networking
- L2 networking networking uses using ODL (incl.
using ODL (no qrouter/OVS east-west
east-west security security groups)
groups), L3 - O/S-VPP (Infra:
networking uses Neutron ML2-VPP /
qrouter/OVS Networking-vpp-agent /
- Overlays: VXLAN, VPP)
VLAN - Automatic Install,
Overlays: VLAN
DVR with VPP
Computenode-0 Controlnode-0 Computenode-1
GBP LISP
OpenStack Services Network Control
Honey- Honey- Honey-

comb tap comb comb
DHCP L3 VPP
FIB
ARP- DHCP- DHCP- ARP-
Tenant network i/f

proxy Relay Relay proxy
Tenant network i/f
Tenant network i/f
vhost- L3 VXLAN VXLAN L3 vhost-

VM 1 user FIB FIB user VM 2
VXLAN
VPP VPP
NAT NAT
External network i/f External network i/f

LISP
controlled
Internet Internet
Iterate.
Cisco Spark
Questions?
Use Cisco Spark to communicate
with the speaker after the session
How
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
cs.co/ciscolivebot#BRKDCN-2390
• Please complete your Online Complete Your Online
Session Evaluations after each
session
Session Evaluation
• Complete 4 Session Evaluations
& the Overall Conference
Evaluation (available from
Thursday) to receive your Cisco
Live T-shirt
• All surveys can be completed via
the Cisco Live Mobile App or the
Communication Stations
Don’t forget: Cisco Live sessions will be available
for viewing on-demand after the event at
www.ciscolive.com/global/on-demand-library/.
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Tech Circle
• Meet the Engineer 1:1 meetings
• Related sessions
Thank you

BRKSDN 2333

Uploaded by

Copyright:

Available Formats

BRKSDN 2333

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BRKSDN 2333

Uploaded by

Copyright:

Available Formats

BRKSDN-2333

Open-source NFV platform?

Service Model WorkFlow Topology App Intent

VM Policy, Network Policy

Phys./virtual Network Control Network Controller;

Application Layer / App Server PaaS platforms

Network Data Analytics

VIM Management System

IO Abstraction & Feature Path

Network Data Analytics

VIM Management System

IO Abstraction & Feature Path

Application Layer / App Server The “No-Stack-Developer”

Network Data Analytics OPNFV

Network Data Analytics

VIM Management System

IO Abstraction & Feature Path

Through system level integration, deployment

Management and Orchestration Integration Testing New Features

LXD ONOS Composition Performance

Data Plane Continuous Integration / Continuous Deployment

Application Layer / App Server

NFV Telemetry Data Acquisition

NFV deployment architectures MANO solutions

Hypervisor for NFV

Dataplane Performance Test Dataplane Evolution & Test

Infra control & CI/CD

Create Scenarios/Stacks Installation, Upgrade Documentation

ONOSFW, OpenContrail,, Joid, Fuel, Compass) Escalator, Genesis)

ARNO (May/2015) BRAHMAPUTRA (March/2016) COLORADO (Sept/2016) DANUBE (March/2017)

Swimming upstream Swimming upstream Team-up to increase

Integrate & build* Test on

*OPNFV currently composes builts from

Patch Verified Poll changes Upload ISO

Patchset Push Image

Pull Down Pull Down

Labs connected 24x7

Initiate Deploy Functest Yardstick

contribute contribute contribute contribute

pull from master, deploy, test

• Provide developers with

• Ensure OPNFV applicability

• Create more robust, interoperable https://www.opnfv.org/developers/pharos

• Facilitate collaborative testing

• Ensure OPNFV applicability across architectures, environments and vendors

• Create more robust, interoperable releases

Resources Dynamically Allocated

Virtualized Network Functions

VNF VNF VNF VNF

Compute Storage Network

Functional Performance Stress Security

Infrastructure Network Network Upgradability

• Compare a FastDataStack to NIC VPP Controller

June 4, 2015 March 1, 2016 September 26, 2016 April 4, 2017

• Forwarder Diversity: Hardware and Software Virtual Machine/Container

• Runs on commodity CPUs and leverages DPDK

• See also: FD.IO (The Fast Data Project)

IPv6, 24 of 72 cores IPv4+ 2k Whitelist, 36 of 72 cores Zero-packet-loss Throughput

VPP Userspace Host Stack VPP Userspace Host Stack