Operational efficiency is a high priority for most enterprise IT organizations and service providers, and virtualization is being used in the data center to meet this goal. Just as service providers have gravitated toward virtualization to cope with the increasing pressures of megabit costs, so too are enterprises following suit. Focus is now shifting toward network virtualization, from the compute and storage virtualization waves.
A big trend in this area that can dramatically reduce costs and drive operational efficiency is replacing traditional proprietary hardware-centric network services with more cost-effective Network Function Virtualization (NFV), which puts those functions into software that runs on commoditized hardware machines.
Going virtual
NFV makes IT infrastructure more flexible, scalable and cost-effective, but the complexity of these new networks makes network visibility, such as Network Performance Monitoring (NPM), a real challenge. Traditional network visibility methods incorporate techniques such as tapping the wire, gathering wireless data, or using traffic mirroring (SPAN) functionality that feeds the data into visibility solutions such as NPM tools. But, when NFV comes into play, it creates a new set of challenges that can create new blind spots. Let’s look at some.
First, following NFV migration, an organization is left without physical network devices, which means there’s no wire data to tap into. If they are trying to monitor network transactions or capture network data-in-motion, they can only do that where it hits the physical wire. NFV employs multiple Virtual Network Functions (VNFs) that run on top of the server’s compute function, rather than within traditional network nodes such as routers, switches or firewalls.
Heavily virtualized networks have much more east-west traffic that travels between multiple VNFs and associated databases. This is important to note because each VNF is responsible for some specialized function in a ‘service chain’, and if you can’t see the traffic between two VNFs, you can’t assure the service when it breaks. For example, you cannot capture and analyse the network packets or flows that you would normally use to quickly identify and isolate issues on a traditional network. This can result in war-room finger-pointing, because no one can pinpoint where the issue resides.
Second, it is highly inefficient to backhaul NFV traffic to a physical network or packet broker without multiplying the traffic, wasting expensive network bandwidth and inducing latency (although some use this approach as a “band-aid” solution). And backhauling east-west traffic in the north-south direction – and simply feeding it into visibility tools – is not only inefficient, it raises business risk because it competes with the actual mission-critical traffic traversing the same network. If mission-critical data can’t get through, business continuity will suffer.
Finally, as mentioned earlier, a service (such as eBanking or making a cell-phone call) in an NFV environment might include several VNFs in a chain that is distributed across different machines, compounding the visibility problem. Not only do you need to probe the data at multiple points, but it needs to be correlated and visualized centrally through a single-pane-of-glass and linked to the service in question. If those resources are provisioned close to an existing saturation point, you can create additional bottlenecks. For example, if bandwidth, CPU and memory resources associated with a virtual-switch on a machine are choking, and that machine is already critical to the NFV service chain, it could create unpredictable performance and a poor user-experience (in the form of dropped calls).
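The blind-spot and backhaul arguments above can be put into numbers with a small model of a service chain; this is an added example, not part of the original article. The VNF names, host placement and traffic rates are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Hop:
    src: str     # VNF sending the traffic
    dst: str     # VNF receiving it
    mbps: float  # constructed average rate for this hop

# Constructed placement of VNFs on physical hosts (hypothetical names).
PLACEMENT = {"vFW": "host-a", "vLB": "host-a", "vIMS": "host-a", "vDB": "host-b"}

# Constructed service chain: vFW -> vLB -> vIMS -> vDB
CHAIN = [Hop("vFW", "vLB", 400.0), Hop("vLB", "vIMS", 380.0), Hop("vIMS", "vDB", 120.0)]

def classify(chain, placement):
    """Split hops into those that cross a physical wire and those that stay
    inside one host's virtual switch (invisible to a physical tap or SPAN)."""
    on_wire, blind = [], []
    for hop in chain:
        same_host = placement[hop.src] == placement[hop.dst]
        (blind if same_host else on_wire).append(hop)
    return on_wire, blind

def blind_fraction(chain, placement):
    """Share of chain traffic (by rate) that a physical tap never sees."""
    _, blind = classify(chain, placement)
    total = sum(h.mbps for h in chain)
    return sum(h.mbps for h in blind) / total if total else 0.0

def backhaul_uplink_mbps(chain, placement, host):
    """Return (service, service + mirrored) load on the host's physical uplink
    when its intra-host hops are mirrored out to an external packet broker."""
    on_wire, blind = classify(chain, placement)
    service = sum(h.mbps for h in on_wire
                  if host in (placement[h.src], placement[h.dst]))
    mirrored = sum(h.mbps for h in blind if placement[h.src] == host)
    return service, service + mirrored

if __name__ == "__main__":
    on_wire, blind = classify(CHAIN, PLACEMENT)
    print("visible to physical tap:", [(h.src, h.dst) for h in on_wire])
    print("blind (intra-host):     ", [(h.src, h.dst) for h in blind])
    print("blind fraction: %.0f%%" % (100 * blind_fraction(CHAIN, PLACEMENT)))
    print("host-a uplink before/after backhaul (Mbps):",
          backhaul_uplink_mbps(CHAIN, PLACEMENT, "host-a"))
```

With this placement, most of the chain's traffic never leaves host-a, and mirroring it off-box puts the copy on the same uplink that carries the service traffic.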
All of this requires some creative NPM-based visibility solutions to help eliminate network blind spots. Without the capabilities and insights these solutions can provide, NFV can quickly turn into “non-functional-
What’s the solution? While every deployment will have its own unique set of challenges and requirements, here are some tips to consider if you’re already running NFV or considering a rollout:
- The best way to provision visibility in an NFV environment is to deploy virtualized visibility tools (such as NPM solutions) next to the critical VNF on the same machine in a 1:1 fashion. For less mission-critical functions, aggregated traffic can be relayed to the NPM tool running as a central Virtual Machine (VM) within the same virtual environment or hosted in the cloud. In case of cloud or SaaS-based monitoring, be cognizant of the costs associated with the storage and movement of data across boundaries. On the positive side, this approach is typically a consumption-based model and can give teams access to larger data sets, which means if machine-learning engines are being used, sophisticated analysis can happen (such as predicting user behaviours and services).
- In addition to NPM tools, it’s also important to monitor the infrastructure resources of the machines running VNFs. The important VNF east-west traffic can be monitored in real-time or analysed immediately during stressful situations, even if the external network never sees that traffic. The NFV entry and exit north-south traffic can be monitored through traditional NPM methods or through virtualized tools. This level of complete correlation of NFV-related traffic allows an organization to remotely monitor the entire network to assure business and service continuity. In case of any service interruptions, network data can be captured and analysed for faster root-cause-analysis. Having coverage for both (east-west and north-south) means teams can quickly investigate and remediate, turning visibility into actions that reduce mean-time-to-service.
When deploying NFV, it is vital to have complete north-south and east-west coverage visibility to confidently maintain ‘service-assurance’ levels (or standards). NFV creates a new set of visibility challenges in the distributed enterprise and within service provider networks. If you want to eliminate network blind spots and create a high-performance NFV environment, be sure to have a well-planned visibility strategy in place. You won’t regret it.
Nadeem Zahid is senior director of strategy and cloud at Savvius