Professional Documents
Culture Documents
Service Chaining
Optimize & Monetize with PEM
Bart Salaets
Solution Architect
Agenda
• F5 Gi LAN Strategy
• Traffic Steering & Service Chaining
• Recent Evolutions
• Policy-Based “Per-Flow” and “Per-Transation” Steering
• Static & Dynamic Service Chaining : Evolution to IETF model
F5 Agility 2014 2
F5 Gi LAN
Strategy
F5 in the S/Gi network – A Consolidated Approach
Simplifying the delivery of network services
BEFORE F5
VAS layer
Static port 80 steering
WITH F5
VAS layer
Dynamic intelligent steering
VIPRION
PGW/ Internet
GGSN
F5 Agility 2014 4
Traffic Steering
&
Service Chaining
Traditional Steering to VAS & Optimization platforms
A router steers all port 80 traffic to VAS platforms
STATIC STEERING
F5 Agility 2014 6
Challenges with the traditional approach
• All VAS platforms need to classify and process all port 80 traffic
• Waste of resources for pass-through traffic
• Duplication of resources
F5 Agility 2014 7
Challenges with the traditional approach
F5 Agility 2014 8
Solution : Intelligent traffic steering to VAS platforms
Offloading VAS services & Optimizing infrastructure utilization
INTELLIGENT STEERING
Diameter Gx
PCRF
RTR Internet
PGW/
GGSN VIPRION
F5 Agility 2014 9
Policy-Based “per-flow” Steering
• Use cases – Steering policy for each flow dependent on ...
• Subscriber policy
• RAT-Type (2G / 3G / LTE / Wifi)
• Location (roaming)
• Network congestion
• Device-type (IMEI, HTTP User-Agent)
• Content-Type (HTTP Content-Type, DPI signature)
... or any combination of the above
F5 Agility 2014 10
Policy-based Flow Steering in Action
Steering to 2 VAS services : Subscriber + RAT-type based
PCRF AAA
Emma Radius
Radius Diameter Gx
(RAT-type updates) Other API
GGSN
John PGW
Internet
Paul
Subscriber
Policy-based Flow Steering in Action
User John : http traffic in LTE
User Service Policy
PCRF AAA
Emma Radius
Diameter Gx
Other API
http (LTE) Radius
GGSN
John PGW
Internet
Paul
Subscriber
Policy-based Flow Steering in Action
User John : http traffic in 3G
User Service Policy
PCRF AAA
Emma Radius
Diameter Gx
Other API
http (3G) Radius
GGSN
John PGW
Internet
Paul
Subscriber
Policy-based Flow Steering in Action
User Paul : http traffic in 3G or LTE
User Service Policy
PCRF AAA
Emma Radius
Diameter Gx
Other API
Radius
GGSN
John PGW
http Internet
Paul
Subscriber
Policy-Based Flow Steering & Service Chaining
Summary
POLICY-BASED STEERING + LOAD BALANCING
DIAMETER Gx
(subscriber policy indicates parental
RADIUS control)
(RAT-TYPE updates for subscriber in
interim accounting) PCRF
RAT-TYPE DETERMINES
Video Transparent Parental WAP
STEERING TO VIDEO OPT. Optimization Caching Control Gateway
F5 Agility 2014 15
Policy-based “per-transaction” Steering
TCP/IP Packet
Multiple Messages in one packet
HTTP Message Header • HTTP message can span multiple
packets
• Packets may have multiple HTTP
messages
HTTP Message Body • Delimiting HTTP messages may
GET / HTTP/1.1\r\n <body data>
require inspection of every byte
Host: www.myhost.com\r\n 0\r\n • Message steering in some cases
Transfer-Encoding: chunked\r\n may cause TCP stream to be split
Cookie: userId=“username”,
userData=abdefa1839290…\r\n – may lead to chaos in client to
User-Agent: Mozilla…\r\n end point communication
\r\n Body Terminator
for chunked mode
Steering on HTTP Request
• Establish new TCP connection with the VAS selected in the steering policy
and forward the HTTP message between client and selected VAS
• In case of service chaining (multiple VAS endpoints) there will be several
TCP connections being set up over which the HTTP message will be
forwarded
F5 Agility 2014 18
Steering on HTTP Response
F5 Agility 2014 19
Steering on Response – Sequence of events
PGW/
GGSN RTR
Intelligent Steering
RAN Platform
INTERNET
POLICY EXECUTION
IF
CONTENT-TYPE STARTS WITH “VIDEO/”
CONTENT-LENGHT > 1024KB
THEN
REDIRECT TO VIDEO OPTIMIZATION
Video
Optimization
F5 Agility 2014 20
Steering on Response – After the HTTP redirect
PGW/
GGSN RTR
Intelligent Steering
RAN Platform
INTERNET
New HTTP request with classification info
embedded in the URI
POLICY EXECUTION
IF
URI CONTAINS VIDEO CLASSIFICATION INFO
THEN
STEER TO VIDEO OPTIMIZATION Video
& DELETE CLASSIFICATION INFO FROM URI Optimization
F5 Agility 2014 21
Steering on Response – ICAP variant with Skyfire
Rocket
PGW/ Optimizer
GGSN RTR
Intelligent Steering
RAN Platform
INTERNET
ICAP Response
(302 redirect to
Rocket Optimizer)
SKYFIRE PRE-FILTER LOGIC
IF
CONTENT-TYPE STARTS WITH “VIDEO/”
CONTENT-LENGTH > 1024KB
THEN
Rocket ICAP REQUEST TO ROCKET CONTROLLER
Analyze ICAP preview Controller
Do we optimize? Yes!
F5 Agility 2014 22
Steering on Response – After the HTTP redirect
Forward Rocket
PGW/ Optimizer
GGSN RTR HTTP request
Intelligent Steering HTTP request
RAN Platform
(original URL+cookie)
HTTP response
(optimized video)
http://cloud.skyfire.com/[URL]?[cookie]
INTERNET
HTTP response
Mobile
Forward HTTP response (optimized video) (original video)
Client
F5 Agility 2014 23
IETF – Service Chaining Working Group
F5 Agility 2014 24
IETF – Service Function Chaining
• Packet forwarding between SFs can be plain IP, SDN, overlay networks, ...
LOAD WEB
SFC-ID=1 FIREWALL NAT44
BALANCER PROXY
(SF3) (SF4)
(SF1) (SF2)
HEADER
SFC-ID=2 DPI FIREWALL
ENRICHM.
(SF5) (SF3)
(SF6)
F5 Agility 2014 25
Static & Dynamic Service Chaining – Today with F5
INTELLIGENT SERVICE CHAINING
PCRF
VAS
F5 Agility 2014 26
Intelligent Service Chaining – Today and Future
SFC Ingress Classification SFC Ingress Classification
TRAFFIC TRAFFIC
STEERING STEERING
+ L4-L7 VIRTUAL
PHYSICAL (NFV)
SFC Forwarding SFC Forwarding
PHYSICAL VAS VAS VAS VAS VAS VIRTUAL VAS VAS VAS VAS VAS
OR 1 2 3 4 5 (NFV) 1 2 3 4 5
VIRTUAL (NFV)
L4-L7 L4-L7
F5 Agility 2014 27
Policy
Enforcement
Manager
(PEM)
Policy Enforcement Manager – Policy Definition
Policy Name Bronze
Policy Name Silver
PolicyRule
Name1 Gold
PREC
PREC 10
10 CLASSIFIER RULE_10
CLASSIFIER RULE_10
POLICY ACTION RULE_10
POLICY ACTION RULE_10
Rule 1
Rule 1 Rule 2 CLASSIFIER
PREC 20 RULE_1 POLICY ACTION
CLASSIFIER RULE_20 RULE_1
POLICY ACTION RULE_20
Rule 2 PREC 20 CLASSIFIER RULE_20 POLICY ACTION RULE_20
Rule 2 Rule 3 PREC 30
CLASSIFIER RULE_2 POLICY
CLASSIFIER RULE_20 ACTION RULE_2
POLICY ACTION RULE_30
Rule 3 PREC 30 CLASSIFIER RULE_20 POLICY ACTION RULE_30
Rule 3 CLASSIFIER RULE_3 POLICY ACTION RULE_3
F5 Agility 2014 29
Classification & Policy Actions
APPLICATION CLASSIF. URL CLASSIF. FLOW CLASSIF. CUSTOM CLASSIF.
F5 Agility 2014 30
PEM – Wide range of use cases
Per-subscriber Application & URL Subscriber Application Analytics Intelligent Traffic Steering
Bandwidth Control & Filtering & Service Chaining to VAS
• Subscriber ID / Rate Plan
• TCP-friendly rate limiter • Steer traffic based on
• Charging rules subscriber profile to Value
• Separate up/down rates
• Application Usage Reporting Added Services &
• Highly scalable solution Optimization Services
• TCP Optimization as a bonus • Intelligent Service Chaining
Online Charging (Gy) URL Filtering & Parental Control OTT Identification & Monetization
• Government lists
• Flexible rating group • Per-subscriber OTT
definitions based on • Per-subscriber parental application detection
applications and/or URI control opt-in/opt-out
• Per-OTT bandwidth, marking
service
• Redirect or block upon quota and charging rules
expiration • For HTTP & HTTPS
Header Enrichment & WAP offload Content Injection / Toolbars Lightweight BRAS/BNG
F5 Agility 2014 31
Evolution
towards
NFV
Step 1 : Consolidate SGi Functions & Virtualize VAS Layer
RTR Internet
PGW/
GGSN VIPRION
VM Management
and Orchestration
F5 Agility 2014 33
Step 2 : Virtualize SGi + VAS layer (NFV)
VM VM VM
Hypervisor
VM Management
and Orchestration
F5 Agility 2014 34
Virtualizing SGi functions – VNF mapping alternatives
TRAFFIC
TRAFFIC
STEERING
STEERING
+ L4-L7
• Maintain the L4-L7 consolidation model as • Only maintain PEM inline in the data path
deployed in the physical world in the NFV for intelligent traffic steering
world • Treat functions such as CGNAT and
• So you run PEM, CGN and AFM on the security/firewall functions as VAS
same VE (or on separate VEs but all inline in services (which are only used for
the data path) selected flows)
F5 Agility 2014 35
Summary
Summary – Traffic Steering & Service Chaining