The Role of VNF in NFV Deployments

Business applications and operations naturally have become more dynamic in order to adapt to the changing technology landscape. New applications or business operations are created or modified almost every day. Despite this rapid change, traditional hardware-based data centers and networks cannot meet their requirements, as hardware infrastructure cannot be adjusted at the same speed as applications.

Over the years, virtualization technology became the best approach to address these dynamic requirements. Computing, storage, and network switching have all been virtualized and provided as virtual services, but that does not cover every component in a data center. In traditional networks and data centers, there are many other devices which run at Layer 3 to Layer 7. These devices include firewalls, routers, load balancers and more, and are necessary and critical for customer experience and security.

To virtualize all the network services in a data center, Network Function Virtualization (NFV) was proposed. Under the NFV architecture, all network functions (including L3 to L7) are virtualized. In the conversion from physical to virtual, many critical issues such as performance, compatibility with hypervisor, multitenancy support, and elastic management have had to be resolved.

To ensure networking could meet the demands of highly dynamic business operations, data center operators and network service providers needed to adjust their network service alongside customers’ virtual machine (VM) or business applications. Therefore, they first started the trial and production deployments of NFV in specific sectors, such as Virtualized Data Center (VDC), Software Defined Data Center (SDDC), virtual Customer Premises Equipment (vCPE), and virtual Evolved Packet Core (vEPC).

Virtualized Network Function (VNF) is the basic building block in the NFV architecture. When the router, firewall, IPS and WAF devices are virtualized, they become a VNF.

VNF implementation requirements

The major differences between traditional network functions and virtualized network functions reside in the areas of self service, self-configuration and elasticity. In addition, virtualized functions must provide a northbound API to be integrated by higher level management software. Key features required by NFV architecture on VNF are as follows:

  • Automatic Deployment and Compatibility

Automatic deployment and configuration is necessary to enable and support self-service and self-management. Customers or tenants should be able to achieve self-service and self-management even without the intervention of data center administrators, similar to the services provided by public clouds such as AWS, Azure, or other cloud providers.

  • Deployment using image or template

VNF has to provide VM image or deployment templates to achieve rapid deployment when customers need to start a new service quickly to address a business demand.

  • Support for multiple cloud platforms

Hybrid-cloud and heterogeneous-cloud services will stay in business for a long time to come. Cloud management platforms are capable of managing across multiple cloud service infrastructures, where a singular platform can manage a VMware data center, an OpenStack data center, and AWS as well. To provide a single solution to a cloud operator, VNF has to support multiple cloud platforms, which usually include VMware, OpenStack, AWS, Azure, Ali Cloud, among others.

  • Embedded automatic configuration

After being deployed through one single VM image or template, multiple VNF instances will contain the same configurations, such as interface IP, route, username, or password. This makes them unusable by multiple customers or tenants. It is necessary to automatically customize certain configurations after a VNF is deployed. There are multiple approaches to implement an automatic configuration, like updating the configuration file before VNF boots up, embedding a startup agent (VMware and Azure), or reading a user specific configuration (AWS and OpenStack) during boot-up.

  • Scalability and Elasticity

Since business applications and operations may change over time through expansion or reduction, services provided by VNF must scale up or down as necessary. To provide scalability, VNF needs to provide overall performance scaling by adjusting virtual resources (virtual CPU and memory) on a single VNF VM, and avoid redeploying it. Similar performance scalability requirements are also applied on VNF network interfaces. The VNF interface has to support Single Root I/O Virtualization (SR-IOV) and hot plug-and-play. If certain features or the performance of VNF are controlled by a license, license management has to be scalable as well; otherwise it will block performance scaling.

  • Open API and Software Orchestration

VNF module is managed by other orchestration software. The orchestration software can be NFV Management and Orchestration (MANO) software or VNF Manager (VNFM). Orchestration software includes OPEN-O, OSM, Tacker, etc. Since SDN does not follow the standard defined by European Telecommunications Standards Institute (ETSI), it is not classified as NFV orchestration software. The management software is capable of orchestrating multiple types of, and multiple instances of NFV modules through a centralized console. It not only supports the daily operations of a cloud administrator, but also implements service chains and ensures continuous deployment and upgrades. Since the orchestration software needs to configure VNF and manage its execution, VNF needs to provide the northbound interface for upper management software, like SOAP, XML or REST API.

The goal of NFV is to improve the efficiency of deploying new services and adjusting existing services to meet the demands of highly dynamic business operations. Compatibility, elasticity, high performance, and open API are all crucial to an NFV solution. Besides the above features, automatic orchestration and license management are also key functions in the service orchestration process. Orchestration ensures each VNF module can be deployed and configured automatically, including initial and customized configuration based on each specific service. License management ensures VNF modules can automatically enter operation mode.

NFV is a favorite choice in the path of transforming traditional networks to virtualized networks. Now both traditional network device vendors and traditional network service providers are starting to upgrade or converge to NFV. The complete NFV solution requires deploying multiple different types of, as well as many VNF modules. This type of deployment is typically complex and requires complete automatic orchestration support.


 Francis Teo, Southeast Asia Regional Director at Hillstone Networks.