Archive

NFV

Event Driven Network Automation is a term used to describe what large scale NetOps teams are doing to scale, deploy and manage networking infrastructure.

YAML data formatting and Jinja2 templating with Python glueing and executing.

Ansible/YAML and Netconf/API for configuration, execution operations.

Event Generation using SNMP/Telemetry/BGPMon.

BGPMon looks like it could be used to check up on changes in a Routed Core with BGP based Leaf-Spine Clos Fabric.

Zero Touch Provisioning – ZTP is best suited for quickly bringing up new devices.

An Orchestration-style GUI layer custom made for every domain in the network would definitely be required as well for various aspects of NetOps.

There can be human driven network automation but there can also be event driven network automation which can be termed as ‘closed loop’ with rule based actions defined by humans.

The events driven, closed loop, rule-based-actions execution layer would then be managed by humans. This layer would be evolving and to manage it there would be a requirement of necessary data structuring and scripting skills in addition to being mindful of what the impact is on the network layer (DC or WAN, both).

References:

https://mirceaulinic.net/2017-10-19-event-driven-network-automation/

https://ripe76.ripe.net/presentations/17-RIPE76_-Event-driven-network-automation-and-orchestration.pdf

Network Automation: Template Configurations with Jinja2 and YAML

https://packetpushers.net/back-journey-network-automation-introduction/

https://packetpushers.net/back-journey-network-automation-part-1-zero-touch-provisioning/

https://packetpushers.net/back-journey-network-automation-part-2-ansible/

https://www.ipspace.net/Building_Network_Automation_Solutions

The list of VNFs at the OPNFV website contains 9 Open Source and 5 proprietary VNFs available to them. Of the 9 the most impressive from a Telco perspective is Clearwater vIMS which provides IMS Functionality in a VNF package. This is the VNF that is used during MWC 2016 to demo the OSM project by ETSI as well. They make a SIP call using it.

 

ETSI has launched the OSM Project ( https://osm.etsi.org/ ) to take the focus of innovation away from Management and Orchestration and keep it on the VNFs. The VNFs are the building blocks of network services and as such they are glued together to provide communication services.

Much of the work and innovation will be on efficient VNF internal design and efficient Network Services design. The Network Services design is a network designe or network architects duty while good and efficient VNF’s are provided by software engineers.

All in all two base skills appear to be handy. One is Linux as base technology for managing infrastructure, providing hypervisor functionality, as base OS within VNFs and also as base OS for VNFM’s as well. Second will be good Network Service design where with increasing amount of VNFs becoming available piecing them together to provide communication services given the constraints put by the system will be a skill.

OPNFV is a platform. It is an integrated system of components that individually make up streams of projects which when combined together provide a platform upon which VNFs can be run. http://openbaton.github.io/ is a practical implementation for an open source NFVO. If one can get a vMME, vSGW, vPGW and vHSS (together being a vEPC) working together then the product is an NFV Lab.

Some of the attempts can be listed as:

http://openlte.sourceforge.net/

http://www.openimscore.org/

https://sourceforge.net/projects/openenodeb/

https://sourceforge.net/projects/openhss/

https://sourceforge.net/projects/nwepc/

http://openbaton.github.io/

I decided to setup a simple firewall on my Vyatta VM router to block pings from another VM Host (Ubuntu 12.04). The network is entirely in the range 192.168.0.100/24. The Ubuntu Host IP is 192.168. 192.168.0.111

ifconfig_ubuntuThe Vyatta interface IP is 192.168.0.108

vyatta interfacePing between them is working prior to setting up firewall and gives destination port unreachable as soon as firewall is enabled via commit.

ping_enable_disableThe firewall configuration is as below:

firewall_configThe configuration steps are simple and given below:

reject

reject_icmpand then we need to apply the firewall to an interface which in this case is eth0.

apply_interfaceAfter the above configurations are in place enter commit to apply them and ping will stop working.

We can also see the statistics in firewall section changing:

show firewall statisticsand also by name the firewall:

show firewall nameand also show firewall name *** statistics :

show firewall name statistics

In my setup to set up DNS forwarding in the Vyatta router two steps needed to be followed. The first being configure an interface as a listen on interface. I configured this to be eth0 which is bridged to my Wifi rotuer. The second step is to configure a name server. I set this as the default gateway of the network i.e. the Address of the Wifi router. DNS Forwarding

Once done I was able to ping google from my vyatta VM.

ping google