A new method for providing network services: Service function chain

Abstract

Service deployment and management have been a challenge for the network operators because of the characteristics of traditional methods for service configuration and service deployment: unchangeable configuration and ossified deployment. Based on the ideas of Service Function Chain (SFC), Network Functions Virtualization (NFV), Software Defined Network (SDN), and Path Computation Element (PCE), we introduce a method that can not only maintain the services in a flexible and scalable way, but also place services in a topology-independent way and steer traffic among different services. We abstract the service path selection problem as a grey system theory problem and propose an algorithm to give a proper service composition selection and traffic steering method. We also validate the usability of the proposed solution in prototype and efficiency of the proposed algorithm in simulation environment.

Introduction

At present, there are many network service functions, such as firewalls, load-balancing, transactional proxies (for example spam filters), content filter, HTTP header enrichment, deep packet inspection (DPI), intrusion detection systems (IDS)/Intrusion Prevention System (IPS), network add`ress translation (NAT)/Port Address Translation (PAT), accounting, and content caches. These services are deployed in enterprise networks, broadband access networks, and more recently in data centers. However, there are some problems due to the traditional service deployment approach. The main two are as follows.

The services are typically configured as long as they are placed. And once configured, it is very hard to reconfigure them. Managing the operations of these services, such as adding/deleting services or increasing capacity of a service, often requires reconfiguration of multiple routers, switches and application servers — a process that is inflexible, complex, unscalable and prone to inconsistent configurations — often delaying deployment of services.

Typically, the services are deployed in static or semi-static environments and one service chain per service, with no reuse of existing components, which is very ossified and inefficient. The deployment of traditional middle-boxes (such as firewalls/DPI), which relays on the path of packets, is closely associated with the network topology. Even worse, common deployment models have service functions inserted on the data-forwarding path between communicating peers. The ossified way of service deployment makes it impossible to reuse and change the service components.

So it is urgent to design a service function chain that not only maintains the services in a flexible and scalable way, but also places the services in a topology-independent way and can steer traffic among different services. A Service Function Chain [1] is a system or method to steer traffic through a set of services. The design requirement of SFC is also the technical problems to be solved. For example, the traffic should pass along a service path or chain, which is assigned to a received packet based on a path-selection algorithm and classification of the packet. Next time if a new user wants a set of services which is different from the former one, he just needs to reuse some components and adds some new ones, and the system will combine them into a chain for the user. By this way, different users can have different combinations of services simultaneously without changing the topology.

Software Defined Network is a novel framework that enables network programmability and decouples control plane and forwarding plane [2]. Path Computation Element is a flexible instrument to overcome visibility and distributed provisioning inefficiencies [3]. Network Functions Virtualization aims to leverage standard IT virtualization technology to consolidate many network equipment types onto a universal x86 hardware platform [4]. In the proposed method, services run on the Virtual Machines (VMs). And this makes it easier to configure the services, such as add/delete/open/close services in a flexible way—we just need to manipulate the virtual machines, which is very simple.

From this point of view, to some extent, service deployment is equal to virtual machine deployment. There are a large number of articles in virtual machine embedding [5], which have many achievements. In [6], the authors study how to reduce energy consumption in virtual network embedding, and propose algorithms to place virtual machines in an energy-saving way. The work in [7] takes into account traffic engineering considerations to make a better decision for placement and selection of network services. The work presented in [8] proposes using traffic-aware virtual machine placement to improve the network scalability. Xia et al. [9] proposes a paradigm to perform traffic steering in the optical domain, among network functions, using the technology of SDN and NFV in coexistence with today׳s packet-based methods. Kuo et al. [10] proposes an approximation algorithm to minimize the maximum access latency among all pairs of nodes.

However, most of these articles focus on virtual machines embedding, or resources distribution among virtual machines, or mapping between virtual machines and physical nodes, or traffic steering among network functions respectively. There are also articles that make contributions to realize the thought of Service Function Chain. The work in [11] presents SIMPLE, a SDN-based policy enforcement layer for efficient middlebox-specific traffic steering. Barr et al. [12] proposes to treat DPI as a service and route traffic to and from DPI instances.

Comparing to the articles listed above, we have made the following technical contributions. We propose a framework, based on the ideas of Service Function Chain, Network Functions Virtualization, Software Defined Network, and Path Computation Element. Our framework enables a controller to collect the information of network topology and services, to calculate a proper forwarding path for traffic to follow, and by embedding the services on virtual machines. We abstract the service path selection problem as a grey system theory problem and make several assumptions to facilitate the problem, under which we propose an algorithm to give a proper service composition selection and traffic steering method, considering multiple indicators. Finally, we validate the proposed method in prototype to show the usability in the real network and then test our service composition selection algorithm in simulation environment to show the efficiency of our algorithm.

The main contributions of this paper are summarized as follows:

• We design a proper method to realize the idea of Service Function Chain, which can ease service deployment and management, by integrating the concepts of SDN, NFV, and PCE.

• We propose an algorithm to compute a proper service composition selection which can be mapped to path information and traffic steering method and verify its usability through simulations.

• We implement the method in our prototype, and verify that it is usable.

The rest of the paper is organized as follows. Section 2 describes our framework; Section 3 proposes the service composition selection algorithm. We conduct the evaluation both in our prototype and in simulation environment in Section 4.