the cisco 5g-ready sp e2e architecture including sdn ... · 1g 2g 3g 4g 5g 1980s 1990s 2000s ......

The Cisco 5G-ready SP E2E Architecture including SDN, Virtualisation & Security concepts

Brian Meaney

Distinguished Systems Engineer

BRKSPG-2402

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

How

cs.co/ciscolivebot#BRKSPG-2402

• 5G Evolution

• 5G Use-cases & Technology Offerings

• 5G Evolution Architectural Changes & Deployment Options

• 5G Ready Network Architecture

• 5G Ready Transport - SDN Enabled

• 5G Enhanced Virtualisation Platform

• 5G Secure Network

• Conclusion

Agenda

5G Evolution


1G 2G 3G 4G 5G

1980s 1990s 2000s 2010s 2020s

Radio and Voice/Data Evolution Service and Network Revolution

6BRKSPG-2402

Time For The Next Generation Networking


Source: GSMA The 5G Era 2017

51% 6% 23% 14% 6%

34% 29% 23% 9% 6%

23% 23% 26% 14% 14%

20% 34% 29% 9% 9%

6% 34% 43% 14% 3%

Lack of clear business case

Spectrum availability and fragmentation

Competition from alternative networks

Regulation

Technology fragmentation

Most important 2 3 4 Least important

7BRKSPG-2402

Operators’ Perspective: Risks in Deploying 5G

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 8BRKSPG-2402

Market Landscape

8

0

5

10

15

20

25

30

35

40

45

50

2015 2016 2017 2018 2019 2020

Mobile ARPU, Multiple Countries

Source: EU Commission

Consumer ARPUs are Declining or Flat B2B or B2B2x Market Has Future Growth

Emergence of Low Latency Need for

better QOE and to Enable New Applications


2017

3GPP R15

Initial 5G NR

anchored on

enhanced LTE/EPC

3GPP R16

Final 5G NR (inc.

FWA) anchored on

5G Core

2018 2019 2020 2021

WRC-19

Winter Olympics

FIFAWorld Cup

SummerOlympics

5G PoC and Trial Phase (e.g. DT, Arqiva, Orange, etc.)

5G Commercial Launches(e.g. VZW FWA, Orange, etc.)

9BRKSPG-2402

5G Timelines


2017

3GPP R15

Initial 5G NR

anchored on

enhanced LTE/EPC

3GPP R16

Final 5G NR (inc.

FWA) anchored on

5G Core

2018 2019 2020 2021

WRC-19

Winter Olympics

FIFAWorld Cup

SummerOlympics



5G Timelines

10BRKSPG-2402

October 2017https://cisco.jiveon.com/docs/DOC-1870205

This technology will allow mobile networks to carry more data traffic, at greater

speeds, with more reliability while connecting a myriad of devices to the

Internet. 5G will include:

- a new radio interface,

- an architecture based on IP designed for a variety of devices, from M2M to

high speed

- a core network for fixed and mobile access technologies optimized for

virtualization and slicing. Deployment Planned by end 2019 – 2020

May 2017https://www.orange.com/en/news/2017/Juin/5G-More-than-just-connectivity

May 2017https://newsroom.cisco.com/press-release-content?articleId=1844370&type=webcontent Aug 2017

https://newsroom.cisco.com/press-release-content?type=webcontent&articleId=1871147

https://cisco.jiveon.com/docs/DOC-1870205

https://www.orange.com/en/news/2017/Juin/5G-More-than-just-connectivity

https://newsroom.cisco.com/press-release-content?articleId=1844370&type=webcontent


2017

3GPP R15

Initial 5G NR

anchored on

enhanced LTE/EPC

3GPP R16

Final 5G NR (inc.

FWA) anchored on

5G Core

2018 2019 2020 2021

WRC-19

Winter Olympics

FIFAWorld Cup

SummerOlympics



5G Timelines

11BRKSPG-2402

October 2017https://cisco.jiveon.com/docs/DOC-1870205

This technology will allow mobile networks to carry more data traffic, at greater

speeds, with more reliability while connecting a myriad of devices to the

Internet. 5G will include:

- a new radio interface,

- an architecture based on IP designed for a variety of devices, from M2M to

high speed

- a core network for fixed and mobile access technologies optimized for

virtualization and slicing. Deployment Planned by end 2019 – 2020

May 2017https://www.orange.com/en/news/2017/Juin/5G-More-than-just-connectivity

May 2017https://newsroom.cisco.com/press-release-content?articleId=1844370&type=webcontent Aug 2017

https://newsroom.cisco.com/press-release-content?type=webcontent&articleId=1871147

"Heavy Reading and Light Reading think will be one of the most important networking stories of the next ten years, drawing together access, the distributed cloud and advanced services”

New Event Tackles Critically Important 5G Transport Network

http://www.lightreading.com/mobile/fronthaul-c-ran/new-event-tackles-critically-important-5g-transport-network/d/d-id/737735

https://cisco.jiveon.com/docs/DOC-1870205

https://www.orange.com/en/news/2017/Juin/5G-More-than-just-connectivity

https://newsroom.cisco.com/press-release-content?articleId=1844370&type=webcontent



5G Use-cases and Technology Offerings


Source: Recommendation ITU-R M.2083

• Focused on low power wide area NB-IoT with high connection

density and energy efficiency

• For mission critical use cases (self driving, Public safety, ...)

• Desired 1ms access time only refers to radio interface and would

be most useful in near field mission critical apps

• Extra capacity delivered through new 5G frequency bands

• Not too concerned with connection density or latency.

Enhanced Mobile Broadband (inc. Fixed Access)

IoT/massive Machine Type Communications

Increased Bandwidth

and Capacity

Slicing, Flexible deployment,

NFV/Virtualisation

Push data plane to the edge,

Intelligent in Network

Ultra-Reliable Low Latency

13BRKSPG-2402

5G Key Use-case categories

http://www.itu.int/rec/R-REC-M.2083


AR/VR Collaboration$151BCombined AR/VR Collaboration market by 2022

Connected Car$141B Global Connected Car market by 2020 – 32.7% CAGR

Consumer Video200MGlobal VR headsets sold by 2020

Source: MarketsandMarkets

14BRKSPG-2402

5G-ready use-case examples

Connected Health$105B Global connected healthcare by 2020 – 28.7% CAGR

Smart Cities$1.45TGlobal smart city market by 2020, CAGR of almost 20%


CUPS: Control/User Plane Separation

Mobile/Multi Access Edge Computing xHaul - CRAN (Cloud/Centralised RAN)(Fronthaul, Midhaul, Backhaul)

Network Slicing

Security

15BRKSPG-2402

5G Technology Offerings


5G Technology Offerings - MEC Solution

• Intelligent Edge platform, ”closer to the consumer” to enable latency reduction.

• Host multiple applications and services and proxy core functions such as

• Traffic bypass/Offload to the internet

• Caching content via managed CDN architecture

• Interactive functions to facilitate AR/VR applications

• Deployed at Cell site, pre-agg, or agg site, or future site of C-RAN hub

• Consist of independent compute or compute co-located with a router

16BRKSPG-2402

MEC: Mobile/Multi-Access Edge Compute to

drive down transport cost and latency

Caches

Control

Plane

IMS

Other APNs

Internet

90% of traffic

10% of traffic

• Policy• Charging• Auth• Lawful Intercept

Agg-Router

MobileBackhaul

EdgeCompute

EdgeCompute

MobileSwitching

Office


5G Technology Offerings - CUPS Solution

• Decompose the Mobile Packet Core into control plane and a multiplicity of user planes.

• Control and User Plane Separation (CUPS) in 3GPP

• Enable User Planes (UP)s to be placed anywhere in the IP network, e.g. closer to the consumer on the Edge

• Augment UPs with with in-line services

• These types of functional disaggregation are enabled with virtualized workloads

• Challenge is in optimal placement of the Edge functionality - use case dependent

17BRKSPG-2402


© 2018 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKSPG-2402

5G Technology Offerings - 5G xHaul/CRAN Solution• Split the RAN stack, keeping some functions @cell site and

centralizing other functions

• Simplified network maintenance

• Simplified equipment rooms @cell sites

• Spectral efficiency gains from joint processing, e.g CoMP

• Efficient use of processing resources through statistical multiplexing at the centralized site

• High throughput access network (10-100x backhaul)

• Very low latency platforms

• Convergence of different types of traffic over the same access network/platforms – traffic differentiation

• Compute and storage being distributed to different levels of the transport network

RF

PHY

MAC

RLC

PDCP

RRM

MAC

RLC

PDCP

RRM

RF

PHY

Cell site

(DU)

Centralized site

(CU)

Fronthaul

Midhaul

PHY

18

Access

100G

CU

CSR

CSR

CSR

(Pre)A

ggDU

Macro

cell

Macro

cell

(Pre)A

gg

(Pre)A

gg

DU

18


AS / NAS Signalling

Enterprise Slice

PDU Session –Collaboration

PDU Session – IT Devices

PDU Session – Low Latency

PDU Session – Standard Data

5G Technology Offerings - Network Slicing Solution

• Ability to run multiple logical networks as virtually independent business operations

• Simultaneous support strict SLA reqs & best effort traffic over same infra.

• Solution with Virtualisation, SDN control and overall Orchestration from E2E of Access, Transport and Mobile Core Network

• Fundamentally a cross domain orchestration issue and exposing it to third parties

• Slice per 5G use cases: eMBB, mMTC, and URLLC, Slice per Enterprise customer?

• Addressing the complex Vertical Market req. is a key output of the 5G evolution

19BRKSPG-2402

Slice orchestration

X-domain orchestration

DC

Orchestration

Mobile Core

Orchestration

Northbound APIs

Front haulCore AggregationEdge Pre-

Agg

Network

Orchestration

AN

Orchestration



5G Technology Offerings - Edge use-cases under consideration

• Network Functions

• Decomposed Mobile Packet Core

• vRAN / Cloud RAN

• BNG

• CMTS

• (v)OLT

• sGi Services

• Business Managed Services (?)

• Other Use Cases / Applications

• Edge CDN for On-Demand Video

• Live TV

• Connected Car

• IOT (incl. Public Cloud offers e.g. AWS Greengrass)

• Analytics at Edge

• Online Gaming

• AR / VR

20BRKSPG-2402

Network to User

User to Network

User/Edge to User/Edge

Bi-Directional (User – Network)

On-Demand Video, Live TV

Connected Vehicle to Network, User Generated Live TV etc.

Localized AR, IOT, Interactive Gaming, Vehicle-to-Vehicle etc.

Business Managed Services

5G Evolution Architectural Changes & Deployment options


Technology Peak data rate latency

RTT

spectrum Notes

LTE (R8) 150Mbps 10-20ms 700-2.6 20MHz channels

LTE-A (R10) 1Gbps (450Mbps

currently deployed)

5-10ms 450-3.8 5x20MHZ with Carrier Aggregation; MIMO;

CoMP; eICIC

LTE-A Pro (R13) >3Gbps 2ms 450-3.8; 5.1-5.9 32x20MHz CA; LAA, LWA; massive MIMO,

IoT

5G (R15+) >10Gbps <1ms Phase1: 3-6GHz New Radio; multiple access; new spectrum

22BRKSPG-2402

System Performance - LTE-A, LTE-A Pro, 5G


Latency - Increasingly Critical

• The impact of latency on TCP performance is huge

• Increasing connection bandwidth has a less impact on Page Load Time than decreasing RTT/latency

• Low Latency could enable a host of new services

1) M. Belshe. More Bandwidth doesn't Matter (much). Available: http://bit.ly/2tCQWbT

2) I. Grigorik. (2012). Latency: The New Web Performance Bottleneck. Available:

https://www.igvita.com/2012/07/19/latency-the-new-web-performance-bottleneck/

3) M. Sherman, E. Peter, S. Sharma, M. Wilms, D. Locke, A. Dahlke, et al. Uncovering Real Mobile Data Usage and

the Drivers of Customer Satisfaction. Available:

https://www.bcgperspectives.com/content/articles/telecommunications-center-for-customer-insight-uncovering-real-

mobile-data-usage-drivers-customer-satisfaction/

4) F. Larumbe and A. Mathur. (2015). Under the hood: Broadcasting live video to millions. Available:

https://code.facebook.com/posts/1653074404941839/under-the-hood-broadcasting-live-video-to-millions/

5) M. Mathis, J. Semke, J. Mahdavi, and T. Ott, "The macroscopic behavior of the TCP congestion avoidance

algorithm," SIGCOMM Comput. Commun. Rev., vol. 27, pp. 67-82, 1997.

Data Source: http://smutz.us/techtips/NetworkLatency.html

BRKSPG-2402 23

http://bit.ly/2tCQWbT

https://www.igvita.com/2012/07/19/latency-the-new-web-performance-bottleneck/

https://www.bcgperspectives.com/content/articles/telecommunications-center-for-customer-insight-uncovering-real-mobile-data-usage-drivers-customer-satisfaction/

https://code.facebook.com/posts/1653074404941839/under-the-hood-broadcasting-live-video-to-millions/


Synchronisation/Timing - Evolving to meet 5G requirements

Synchronization requirements driven by:

• Radio interface technologies (CA, Joint Transmission, guard period)

• RAN functional split, i.e. Fronthaul

• Services

• Network provides clocking source for the application (e.g, some M2M; high accuracy positioning (target 3m))

• Transport infrastructure working in synchronous mode to comply with services’ strict latency, jitter and packet loss requirements -Time sensitive networking (TSN)

24BRKSPG-2402

* over X2, required in hotspots areas only)

**between cells in same broadcast area

Frequency

(backhaul/air)

Phase

(Backhaul/Air)

LTE 16ppb/50ppb -

LTE-TDD 16ppb/50ppb 1.1usec/1.5usec cell radius<3km

4.1usec/5 usec cell radius>3km

LTE-A/LTE-A Pro: 16ppb/50ppb (wide

area BS)

100ppb (local BS)

250ppb (home BS)

Carrier Agg 1.1usec/1.5usec

eICIC 1.1usec/1usec to 3usec

CoMP* 1.1usec/1usec to 5usec

MIMO 65nsec

eMBMS** 1.1usec/1.5usec to 5usec

5G (still being

defined)

Same as LTE or

better

10nsec to 260nsec:

CA 130/260nsec

CoMP JT 260nsec

Location Services 10nsec

C-RAN Depends on split and radio ,

can be as low as ~10nsec


• 8 possible functional splits being discussed within 3GPP RAN3 and IEEE NGFI

• The consensus seems to be to choose 2 or 3 splits for further specification, likely options 7,8 (Low Level Split) and option 2 (High Level Split)

• eCPRI is Option 7, i.e. split PHY, CPRI is Option 8 - CPRI considered a non starter for 5G radio due to bandwidth expansion

• These splits will introduce different requirements for Fronthaul, Midhaul and Backhaul

Nomor Research GmbH / [email protected] / www.nomor.de / T +49 89 9789 8000 1/4

As you might know, the RAN working groups met last week in cold Spokane, US, for their first big adhoc meeting on 5G. This time I would like to report on RAN3 discussion, since there are major

decisions to be taken concerning the 5G RAN architecture that will have a major impact on all future mobile communication networks.

What are the decisions to be made? Basically, concerning RAN internal interfaces three major areas of discussion are:

1. Decision regarding the split between the Central Unit (CU) and the Distributed Unit (DU) 2. Decision regarding the front-haul split towards the Remote Radio Head 3. Decision regarding a RAN internal split of a User Plane and Control Plane

This figure [1] nicely illustrates the general options under study:

PDCPLow-

RLC

High-

MAC

Low-

MAC

High-

PHYLow-PHY

PDCPLow-

RLC

High-

MAC

Low-

MAC

High-

PHYLow-PHY

Option 5Option 4 Option 6 Option 7Option 2Option 1

RRC

RRC

RF

RF

Option 8

Data

Data

High-

RLC

High-

RLC

Option 3

For all the options it needs to be decided if an interfaces shall be standardized in 3GPP or not. If so the next question is, whether the standard should just define the functional architecture (stage 2) or

all messages, bits and bytes of the interfaces (stage 3). Bear in mind that in every generation we standardized interfaces in RAN3, which in practice still did not allow for multi-vendor interoperability.

3GPP 5G Adhoc: Any Decisions on RAN Internal Functional Split?

Munich, Germany, January 26, 2017

Eiko Seidel, Nomor Research GmbH

25BRKSPG-2402

5G RAN Evolution - Functional Splits under consideration in 5G


eNB = Ethernet NodeB

BBU = BaseBand Unit

RRH = Remote Radio Head

Backhaul

S1 interfaces X2

BBU/

vBBU

Fronthaul

CPRI5G backhaulMME

S/PGW

Backhaul

S1-U

X2

X2

5G RAN Evolution - Recap of 4G RAN Architecture

eNB

eNB

RRH

RRH

MME

S/PGW

BRKSPG-2402 26


5G RAN Evolution - 4G RAN Architecture using CPRI

• Common Public Radio Interface, defined by CPRI industry cooperation

• Link between BBU and RRH

• Digital radio over fiber (D-RoF)

• Serial line interface transmitting constant bit rate data over a dedicated channel (even when no user traffic) – circuit switched transport

• Bandwidth in the fronthaul depends on the number of antennas (not on user data rate)

• Does not allow multiplexing of different types of traffic

• OBSAI also defined but CPRI is most deployed fronthaul interface

• Enables centralized processing of radio features, such as CoMP

• Does not scale to higher radio bandwidth introduced by LTE-A/5G

CPRI 2,5 Gb/s

Ethernet 150MB/s

Radio 150MB/s

BBU

RRH

Backhaul

Fronthaul

BRKSPG-2402 27


Extract from 3GPP TS 38.401 V0.2.0 (2017-07)

gNB Central Unit (gNB-CU): a logical node hosting RRC, SDAP and PDCP protocols, and controls the

operation of one or more gNB-DUs. The gNB-CU also terminates F1 interface connected with the gNB-DU.

gNB Distributed Unit (gNB-DU): a logical node hosting RLC, MAC and PHY layers, and its operation is

partly controlled by gNB-CU. One gNB-DU supports one or multiple cells. One cell is supported by only one

gNB-DU. The gNB-DU terminates F1 interface connected with the gNB-CU.

3GPP TS 38.401 defines the F1 interface based on an Option 2 CU/DU Split.

3GPP TR 38.801 does indicate that other splits are under consideration and could redefine the CU/DU composition.

5GC

NG NG

Xn

NG-RAN

gNB-DU gNB-DU

gNB-CU gNB

F1 F1

gNB-DU gNB-DU

gNB-CU gNB

F1 F1

5G RAN Evolution - 5G Functional Splits into CU and DU

28BRKSPG-2402


Courtesy of CPRI Forum

• CPRI industry initiative, eCPRI released August 2017

• eCPRI Packet based fronthaul interface developed by the CPRI

Forum aims to have same level of interoperability as CPRI

• ~ 10 fold reduction in required bandwidth

• Bandwidth scales with user data (not with number of antennas)

• Any network/technology can be used since they comply to

eCPRI requirements

• Split point currently located at the PHY Level and hence

classified as an Option 7 Split

29BRKSPG-2402

5G RAN Evolution - Evolution from CPRI to eCPRI


Data

RRC PDCPHigh

RLC

Low

RLCHigh

MAC

Low

MAC

High

PHYLow

PHYRF

Data

RRC PDCP High

RLC

Low

RLCHigh

MAC

Low

MACHigh

PHY

Low

PHYRF

Option 1 Option 2 Option 3 Option 4 Option 5 Option 6 Option 7 Option 8

CPRI

CPRI considered a non-starter for 5G radio due to bandwidth expansion and number of streams

Greater bandwidth

Latency sensitivity

Radio co-ordination

E-CPRIRoE (IEEE1914.3)

F1

5G RAN Evolution - Functional Splits with Protocols

BRKSPG-2402 30


gNB-RUgNB-DUgNB-CU

Data

RRC PDCPHigh

RLC

Low

RLCHigh

MAC

Low

MAC

High

PHYLow

PHYRF

Data

RRC PDCP High

RLC

Low

RLCHigh

MAC

Low

MACHigh

PHY

Low

PHYRF

F1 (Midhaul) eCPRI/RoE (Fronthaul)

Option 2 Option 7

Backhaul

31BRKSPG-2402

5G RAN Evolution - 5G Functional Split with RU, CU and DU

CU = Central Unit

DU = Distributed Unit

RU = Remote Unit


User plane

functions

(UPF)

32BRKSPG-2402

Mobile Core Evolution - System Architecture

Session

management

(SMF)

Policy control

function (PCF)

User plane

functions

(UPF)

Unified Data

Management

(UDM)

Application

Function (AF)

(New Radio)

Access Network

Data networks

(DN)UE

Access/

mobility mgmt

(AMF)

Network Resource

Function (NRF)**

Network

Exposure

Function (NEF)**

Service Based Architecture

Policy

Platform

Gateway

Platform

Network Slice

Selection Function

(NSSF)**

Authentication

Server Function

(AUSF)

** New NF with no 4G equivalent functions


Mobile Core Evolution - 5G Interfaces

• N2 equivalent to S1-MME

• N3 equivalent to S1-U

• N4 equivalent to Sx

• Xn equivalent to X2

• Xx new interface, equivalent to X2 but between LTE eNB and NR gNB

33BRKSPG-2402

5G NG Core Reference Architecture, TS23.501

5G General Architecture, TS38.300 NSA NR option 3, TR38.801


LTE NR

EPC NGCN

Option 3: NR NSA, LTE assisted,

EPC connected

LTE NR

EPC NGCN

Option 3a: NR NSA, LTE assisted,

EPC connected

LTE NR

EPC NGCN

Option 3x: NR NSA, LTE assisted,

EPC connected

eLTE NR

EPC NGCN

Option 7: NR NSA, LTE assisted,

NGCN connected

eLTE NR

EPC NGCN

Option 7a: NR NSA, LTE assisted,

NGCN connected

eLTE NR

EPC NGCN

Option 7x: NR NSA, LTE assisted,

NGCN connected

eLTE

EPC NGCN

Option 5: NR SA LTE Rel15,

NGCN connected

eLTE NR

EPC NGCN

Option 4: NR NSA, NR assisted,

NGCN connected

eLTE NR

EPC NGCN

Option 4a: NR NSA, NR assisted,

NGCN connected

NR

EPC NGCN

Option 2: NR SA,

NGCN connected

S1 CP

S1 UP

NG CP

NG UP

Call anchor in LTE

Call anchor in NRMobile Core Evolution - 4G & 5G Interworking Options

BRKSPG-2402 34


gNB-

DU

gNB-CU(48 sites

144 RUs)

DL 10 – 22 Gb/s

UL 16 - 22 Gb/s

Latency 250us

(a*) (c)

DL 38 – 86 Gb/s

UL 54 – 86 Gb/s

Latency 250us

DL 10 – 22 Gb/s

UL 54 – 86 Gb/s

Latency 250us

(b**)

Split numbers are 3GPP numbers based 5G 100Mhz b/w (3GPP TR 28.801 v14): eCPRI figure approx 25 Gbps (UP: ~20Gbps CP: ~5Gbp) (e-CPRI specification v1)

RRU: 100 MHz, 256 QAM, 8x8 MIMOIQ BW (7-16)bit, 32 Antenna Port) 3GPP TR 38.801 V14.0.0 (2017-03)

Per Access site

3GPP best case = 66Gbps

3GPP worst case = 258Gbps

eCPRI = 75Gbps

3 RU / sites

Per DU site

3GPP best case = 396Gbps

3GPP worst case = 1548Gbps

eCPRI = 450Gbps

6 off access sites per DU

Per DU site

F1 split = 72Gbps

Per CU site

In:F1 split = 576Gbps

Out: Nx split=576Gbps

End to End 250µs Transport 100µs

Assume 20µs per switch (more explanation)

~10-15km

DL 4 Gb/s*

UL 3 Gb/s*

Latency 1.5 – 10ms

Midhaul (F1) Fronthaul (eCPRI/RoE/CPRI)

8 off access sites per DU

< 10 milliseconds

UPF

Per UPF site

F1 split = 2880Gbps

5 off CUs sites per UPF

Backhaul

<10 milliseconds

NOTE: No statistical gain assumed

5G bandwidth Implications - based on NGMN recommendation

35


Virtualize

NW CPU Disk

NFVI

VN

F

VN

F

VN

F

VN

F

VN

F

• Understand

how to deploy

VNF on NFVI

• Automation

and integration

tools

• Create new

slices

CUPS

• Re-architect

the GW

• High speed UP

• Scale the UP

and CP

independently

CP

UP

UP

UP

UP

NSA Option 3

• Augment RAN

capacity

• Optimize the

deployment

• Define new

services

eNB 5G

EPC

S1-MME S1-U S1-U

Xx

“Option 3” 5G UE (*)

Distribute

• Introduce low

latency

services

• Create slice

per service

• Address new

verticals

Remote DC

Central Data Center

HSS/SPR PCRF

SAEGW-U

MME

S6a

S1-U

S11

Gx

Sp

SAE-GWc

Sx

SGi Services/Internet

UGP UGP

IP Services

Ultra

A

uto

matio

n

VNF-EM

SA/Option 7

• Upgrade eNB

to NGCN

• Introduce SMF,

AMF etc nodes

• New 5G core

services

• Cloud native

implementation

AMF

UPF +

PGW-U

Evolved

E-UTRAN5G (NR)

N2

SMF +

PGW-C

PCF +

PCRF

N2

N7

N4

N11

N3 N3

N15

Control

Data

2017 2018 2018 2019 2019

Mobile Core Evolution - Upgrade Path

BRKSPG-2402 36


Mobile Core and RAN Evolution - Network Slicing Definition

• 3GPP defines slicing procedures for the core network, directives for the access network and suggestions for the transport network

• 3GPP does not define normative procedures or standards for transport

• A function within a slice instance can either be a partition, a segment, a configuration

• A UE can connect to a maximum of 8 network slices at once, but the network can have many more

• Normative work still ongoing

TS 22.261 (16.1.0)

• “Network slicing allows the operator to provide customised networks. For example, there can be different requirements on functionality (e.g., priority, charging, policy control, security, and mobility), differences in performance requirements (e.g., latency, mobility, availability, reliability and data rates), or they can serve only specific users (e.g., MPS users, Public Safety users, corporate customers, roamers, or hosting an MVNO).”

TR 23.799 (14.0.0)

• “The network slice is a complete logical network (providing Telecommunication Services and Network Capabilities) including Access Network (AN) and Core Network (CN)”

TR 28.801 (15.0.0)

• Logical networks/partitions are created, with appropriate isolation, resources and optimized topology to serve a particular purpose or service category (e.g. use case/traffic category, or for internal reasons) or even individual customers (logical system created "on demand")

TS 38.300 (1.0.1) - RAN

• A network slice always consists of a RAN part and a CN part

• The support of network slicing relies on the principle that traffic for different slices is handled by different PDU sessions

• Network can realise the different network slices by scheduling and also by providing different L1/L2 configurations

BRKSPG-2402 37


AccessCore Aggregation Pre-AggEdge

DC

Peering

BBUBackhaul

RRH

S/PGW

RRH

Fronthaul

GW Backhaul BBU

Traditional

Backhaul/FronthaulRRH

4G Deployment Options - BBU and RRH

BRKSPG-2402 38


AccessCore Aggregation Pre-Agg

Hi-bandEdge Edge EdgeDC

Peering

DU RU

CU

Backhaul

UPF RU

UPFTraditional

RU

UPF

RU

Fronthaul

UPF BackhaulDU

CU

Backhaul/Fronthaul

5G Deployment Options - UPF, CU, DU and RU

FronthaulMidhaul

RUCU

UPF

DU

RUBackhaulUPFBackhaul/Midhaul

Midhaul

RUCU

UPF

RUUPF Backhaul

DUBack/Mid/FronthaulFronthaul

Midhaul

RUCU-CP

Backhaul RUFronthaul

DU

CU-DP

UPF

URLL service

BRKSPG-2402 39


AccessCore Aggregation Pre-Agg

Hi-bandEdge Edge EdgeDC

Peering

Midhaul

RUCU

UPF

RUUPF Backhaul

DUEMBB Fronthaul

VIRTUALIZED

PLATFORM

DEDICATED

PLATFORMFPGA/DSP FPGAVirtualistion Platform

• CU component (like UPF function) supported via a Commodity Compute/x86 Platform (with Coleto creek for acceleration)

• DU is supported via dedicated platform i.e. an Intel FlexRAN Architecture (Xeon based with FPGA/Acceleration in the future)

Midhaul

RUCU-CP

Backhaul RUFronthaul

DU

CU-DP

UPF

URLL service

VIRTUALIZED

PLATFORMFPGA/DSP FPGAVirtualistion Platform VIRTUALIZED

PLATFORM

• Separate CU elements in separate locations, E1 interface between new elements and F1 broken to F1-CP and F1-DP

5G Deployment Options - Virtualisation of Mobile Core/CRAN

BRKSPG-2402 40

5G Ready Network Architecture


FronthaulBackhaul

Small Cells

Cellular Access

(4G, 5G)

SP Wi-Fi

Internet

SR

User Plane/

Service Func.

Edge DC

SR

SR

Core

Control Plane

Regional/Centralised DC

SRSR

Midhaul

42BRKSPG-2402

Cisco 5G-ready Network Architecture

Identity & Policy

Orchestration (NSO)

SDN (WAE/XTC)

5G Ready Transport

5G Virtualisation Platform

5G

Secure

Netw

ork


Cisco 5G-ready Network Architecture - Conclusions

Packet switched infrastructure (Backhaul and Mid-haul has similar SLA/Transport requirement)

Fronthaul traditionally based on WDM - emergence of eCPRI and ROE (IEEE 1914.3) means packet based solution

offering possible – Possible use of TSN (IEEE 802.CM)

Underlay evolving from IP/MPLS to MPLS/SR to SRv6 underlay with SDN techniques

• Simplification and greater scale (if needed) addressed by SRv6 support

Greater b/w In the order of 4x (minimum) and potentially up to 8-10x over existing backhaul.

• New platform position required - increased Ports and Performance with reduced cost per port – 50/100G required

• Size and scale of backhaul and mid-haul determined on radio splits and RAN solution selected by operator.

Monitor Synchronization (Freq and Phase) requirements as will need to be supported in mid/backhaul in some deployment options.

• Support of PTP/SyncE mandatory with the option of 802.1CM (TSN).

Integration with Virtualisation stack/DC infra. is critical with “Network as a fabric” traction

E2E Security from application to network and access to core is key

BRKSPG-2402 43

5G Ready Network Architecture5G Ready Transport – SDN Enabled


5G Ready Transport - “Hybrid” approach in the transport

45BRKSPG-2402

Distributed Components –Functions tightly coupled to data plane

• IGP convergence, OAM and physical link state driven protection, Distributed SON

Centralized Components –Functions where a holistic/abstracted view is required

• PCE (Path Computation Element) Traffic Placement : 30% efficiency, Centralised SON

Existing distributed control plane Augmented by centralised control plane function

Traditional Control Plane

Architecture

(Distributed)

SDN Control Plane Architecture

(Centralized)

Collaborative Control Plane

Architecture

Application

Distributed Control Plane

Data Plane

Centralized Control Plane

APIs


5G Ready Transport - Simplified Protocol Stack in transport

Unified MPLS MPLS SR with controller SRv6

Services

Transport

BGP-LU

RSVP-TE

MPLS LDP

IGP

IP/MPLS

BGP-LU

RSVP-TEServices

Transport

Services

Transport

BGP

T-LDP

IGP/SR

IP/MPLS

SDN

Overlay

IGP

IPv6/SR

SDN

SRv6


E-BGP

with labels

IGP/LDPIGP/LDPIGP/LDPIGP/LDPIGP/LDP IGP/LDP

I-BGP with labels

E-BGP

with labelsBGP community

filtering

I-BGP with labels I-BGP with labels

• Underlay complexity:/32s carried in BGP, heavy duty community filtering

• Any to any not possible with constrained edge equipment

RSVP-TE RSVP-TERSVP-TE

MP-BGP

MP-BGPMP-BGP

MP-BGP

T-LDP

47BRKSPG-2402

5G Ready Transport - IP/MPLS, MP-BGP/T-LDP Serv. Overlay


E-BGP

IGPIGPIGPIGPIGP IGP

E-BGP

Summary / default

routes

EVPNEVPN

EVPNEVPNPCE

• Underlay simplification: Summary or default routes / protocol reduction

48BRKSPG-2402

5G Ready Transport - SR Underlay with EVPN Service Overlay


Service Bandwidth Latency (RTT) Type of VPN

Control plane (incl Sx for CUPS) ~10Mbps (tbc w/ Sx) <50msec L3VPN

Clocking G.8275.1 (L2) 16messages/sec (<100kbps) Symmetry is critical Eth multicast

Clocking G.8275.2 (IP unicast) Negotiable (<300kbps) Symmetry is critical L3VPN

O&AM (not streaming telemetry) <10Mbps 10’s sec range L3VPN

X2-U and X2-C 4% of S1-U <5ms* L3VPN

S1-U distributed/centralized (per cell

avrg/peak); backhaul overhead of 11-30%

may me added

LTE: 22Mbps/150Mbps

LTE-A: 140-190Mbps/1000Mbps**

LTE-A Pro: 900Mbps-1.2Gbps/3Gbps**

NSA NR option3: up to 15Tbps/km2****

(coverage radius=565m)

LTE <20ms

LTE-A <10ms

LTE-A Pro 2ms

NSA NR <10ms

L3VPN

Xn-U, Xn-C Being defined in 3GPP 5G L3VPN

Xx-U, Xx-C Being defined in 3GPP 5G

Xx-U instead of S1-U option 3: up to 15Tbps/km2

L3VPN

N2 (CP), N3 (UP), N4 (CP) N3: up to 15Tbps/km2 (as per eMBB) L3VPN

CRAN (depends on stack split and radio

features - #antennas, modulation, channel bandwidth

LTE CPRIv7: <=24Gbps/cell

5G: 100’s Gbps ***

100usec-10msec

(end2end one-way)

L2VPN/

Ethernet

49BRKSPG-2402

5G Ready Transport - Services Requirements LTE-A/LTE-Pro/5G


Forwarding Plane

Control Plane

Orchestration Plane

Programmable paths

Simplified operation

Optimal use of resources

Rapid convergence

Local features: Timing, QoS, Telemetry, OAM/PM…

High Throughput

Centralized control plane for network wide policy

& control

Real-time checks and updates

Advanced algorithms for complex service SLAs

Network wide service definition and deployment

Network-wide orchestration replaces the individual

device config

WAE

XTC

SDN Controller

NSO

Service Plane

50BRKSPG-2402

5G Ready Transport - Orchestration, Control and Forwarding


Access Network Domain Agg/Edge Network Domain Data Center DomainAccess

Compute Leaf Spine

Virtualize

Transform the CO into a data center

to enable distributed service delivery

and speed up service creation Simplify

Unified underlay and overlay

networks with segment

routing and EVPN

Unifying Service Plane (EVPN)

Unifying Forwarding Plane (Segment Routing)

Automate

E2E Cross-domain automation

with model-driven programmability

and streaming telemetry

Controller

51BRKSPG-2402

5G Ready Transport - Creating a “Network Fabric”


Foundation for Network Operations Simplification and Automation,

and Service Agility via Programmability

Simplification of network protocols

Improved scalability

Simplification of Traffic Engineering

Application enabled policy using SDN

techniquesSupport MPLS & v6 Forwarding

Built-in Redundancy & HA

Universal Forwarding Plane

From Access to DC

Automated 50ms convergence

52BRKSPG-2402

5G Ready Transport - Segment Routing: Key capabilities


• Path Protection with multi-domain disjoint paths at node, link or

SRLG level

• Paths can have same origin node or separate nodes

Guaranteed Disjoint Paths Low Latency Path

• Latency sensitive services prefer low latency paths – Default

IGP lowest cost path typically provides highest bandwidth

Avoidance Reachability Multi-Domain(ODN)

• Avoid a node/network due to e.g, security, reliability,

competition concerns

• Head-end node does not have path to a destination node

– requests the path to XTC using On-Demand Next Hop.

• Simplification and scalability of service deployment

Tokyo

Bejing

Londo

n

100G

100G

1G

Low

Latency

PathHigh Bandwidth Path

(Default)

NO GUARANTEE OF SERVICE

GUARANTEED SERVICE

SAME FIBER CONDUIT & SAME POWER PLANT

DIFFERENT FIBER CONDUIT & DIFFERENT POWER PLANT

Without Segment Routing With Segment Routing

A B

B

C

A D

High Bandwidth Path

(Default)

Avoid C

Path

53BRKSPG-2402

5G Ready Transport - SDN Controller: Basic PCE use-cases


• Traffic engineering for SLA bandwidth guarantee

• Monitor network utilization to reach 100% of network utilization

Bandwidth Optimization Multi-Layer Path Optimization

• L1 and L3 network visibility and correlation enabling multi-layer

optimal path computation and SLA monitoring automation

Congestion based rerouting Predict/Plan node/network changes/impact

• Deploy tactical LSP tunnel to alleviate congestion

• LSP initiated by WAE

• “What if” analysis for network planning – test protection

strength, change traffic patterns, change network

topology, etc

• Optimize maintenance operations

• API exposure for 3rd party applications

WAE

XTC

54BRKSPG-2402

5G Ready Transport - SDN Controller: Advanced use-cases


IPv6

Exponential growth of IP addresses from

containerization, micro-services and 5G

Segment Routing

Provides Traffic Engineering and VPN service

SRH is an IPv6 Extension Header that brings benefits of both directly in the IPv6 Header.

Enables Service Chaining and Network Slice in Future

55BRKSPG-2402

5G Ready Transport - SRv6: Merging benefits of SR & IPv6


Optimized for HW processing

e.g. Underlay & Tenant use-cases

Optimized for SW processing

e.g. NFV, Container, Micro-Service

Metadata TLV

Segments Left

Locator 1

TAG

56BRKSPG-2402

5G Ready Transport - SRv6: Locator, Function & Metadata

Function 1 Argument 1

Locator 2 Function 2 Argument 2

Locator 3 Function 3 Argument 3


• Services are expressed with segments

• Flexible

• Scalable

• Stateless

57BRKSPG-2402

5G Ready Transport - SRv6: Service Chaining

Packets from are steered through a sequence of services on their way to the server

S1

S2

S3

DSR: 〈S1, C1, S2, S3, D〉

C1


5G Ready Transport - Why SR for Network Slicing

Why Segment Routing for Network Slicing

• Full programmability and control over the end2end path definition - explicit path that complies with defined network slice constraints

• Simple and scalable traffic engineering – enables network slicing complex SLAs

• High Reliability built-in mechanisms: TI-LFA (automated 50msec convergence), ECMP, Anycast SID, backup disjoint paths

• Simple and limited configuration required @node level with ODN (on demand next hop)–scalable and dynamic network slice life cycle changes (create, modify and delete)

• Provides quasi realtime measurements of link and node metrics to the SDN controller –continuous and automated network slice SLA compliance

• Scalable transport network overall with less network protocols and protocols interactions, limiting the paths known on each node to those it actually needs

• Converged transport for any AN – 5G is a FMC technology

58BRKSPG-2402


5G Ready Transport - Network Slicing to the VNF

• SRv6 fully implemented in VPP Open Source, which can be easily incorporated in any VNF

• Enables a packet to be routed between VNFs of the same slice using a single packet header end2end, while enabling service chaining programming per slice

• SRv6 in 3GPP as possible replacement for GTP (WI for R16)

• SRv6 native support for N3 Interface planned in Cisco 5G CN

• Ability to fully integrate transport with the mobile application/network slice

• RAN slicing may define a CRAN split per slice – SRv6 optimally routes the packet between RU, DU, CU and CN depending on the split of the slice (leveraging the built-in service chaining capabilities)

59BRKSPG-2402

TOR

UPFSlice1

UPFSlice2

VPP/Router

TOR

CUSlice1

CUSlice2

VPP/Router

Transport Network

NSI

CNAN

TN

5G Ready Network Architecture5G Enhanced Virtualisation Platform


Virtualisation Platform - Current NFV Status

61

5G and Edge Computing are Two New Drivers!

Technology Maturity of VNF, VIM,

MANO and Overall Solution

Performance Challenges;

Visibility/OAM an Assurance

Multi-Vendor Inter Operability: NFVI,

MANO and VNFs

Management and Orchestration

(MANO) Solution Uncertainty

People, Process, Culture and

Organization Evolution

• Expectations in initial years were Inflated

• The initial few years didn't saw success of NFV the way industry anticipated earlier

• 2nd Wave so far seems more pragmatic


Cust

Prem

vBranch,

Analytics

Access

Nothing is

seen

today…

MEC, VPC

& Fog Apps

Remote DCs

VPC, SecGW, vIMS,

vManaged Service,

Media xCoding, cDVR,

CRAN, vPE, vBNG,

vCMTS,

vCDN, AnalyticsIOT / Fog Computing,

Online Gaming, Location

based Services, AR/VR,

Data Analytics

Central DCs

VPC, Gi-LAN, vIMS,

Biz Services (vMS),

Media xCoding, cDVR,

vCDN,

Virtualized RR,

Analytics

Co-Lo /

Peering

vMS,

vCDN,

vDDoS,

Analytics

Cloud Hosted

XaaS delivered

from the Multi-

Cloud

CO

vBNG, vOLT, vCMTS, vPE

Biz Services (vMS),

CRAN,

vCDN, Analytics

VPC & vCDN, Cloud RAN,

AR/VR, IOT, Fog, location based

services, Data Analytics

`

Access

Carrier-E /

Transport

Central Data Centers

Edge

Internet / Partner SPEdge

Core and Edge Pre-Agg/AggregationMulti-Cloud

VPN CPE

Cust. Prem

Peering

DCI

DCI

DCI

DCI

DCI

DCI

Remote DC

Near Edge

Remote DC

Near Edge

Co-Lo

Co-Lo

Peering

Peering

62BRKSPG-2402

Virtualisation Platform - Distributed NFV Req. (including CRAN)


Currently Some SP Emerging/Visionary

x2Few Central DC Sites

Relatively small

deployments

Currently Most SP

New Management and Operational RequirementsTraditional ETSI MANO NFV

Monolithic VNF

Convergence of NFV platforms

Re-Thinking of DC Networking for the CO (SR)

Specific SP Compute Requirements

(Latency, Depth, Hardening)Traditional SP Compute Platforms

Leverage Existing DC Platforms

Specific VNF

(Mainly SD-WAN,

vIMS) Reconsideration of HW/SW Split (CUPS, SDN) / Micro-Services

Platform reconsideration: Micro-PODs – Linux KVM

x10Aggregation Sites. Usually dozens.

Combine multiple services and multiple

pre-aggregation sites.

x100Pre-Aggregation Sites. Usually

Hundreds, connect to 10-50 access

sites.

x1000Access Sites

Virtualisation Platform - Mini-DC in Smart CO’s

BRKSPG-2402 63


DC Centric

• Treat the Front-End DC as a full-fledged DC

• Design and architecture resemble typical DC – Layer 2

• Majority of Services Endpoints – East/West Traffic

• Multi-tenant infrastructure: 100s to 1000s of tenants

• EVPN/VXLAN provide ops and policy consistency

• From legacy apps to cloud native / Telco/IT Convergence

Network Centric

• COs become smart bumps on the wire

• Extension of the MPLS network design/architecture – Layer 3

• Majority of Transit NFV – North/South Traffic

• Multi-tenant infrastructure: 10s to 100s of tenants / slices

• EVPN/SR provide ops and policy consistency

• Compute pushed to edge for specific services/functions

Virtualisation Platform - DC and Network Centric Requirements

BRKSPG-2402 64


NFV

Management & Orchestration

EMS 1 EMS 3EMS 2

VNF 1 VNF 3VNF 2

OSS / BSS

NFVI

Hardware Resources

Compute NetworkStorage

Virtualization Layer

KVM / ESXi Virtual NetworkVirtual Storage

NFV-O

(NFV Orch.)

VNF-M

(VNF-Manager)

VIM

(Virtual Infra Manager)Hardware

Data Models, Automation, Orchestration

NetConf/YANG

Performance Enhancement & Optimization

SR-IOV

Chaining and Connectivity

VXLAN, NSH…

SDN Controller & Network Integr.

VTS

(MP-BGP/VXLAN)ACI

Monitoring and AnalyticsEnd-to-End

Requirements,

Interoperability &

Testing

NFVBench

OS & Virtualization Layer Virtual Infrastructure Manager

TOSCA Orchestration/Platform

Virtualisation Platform - Ingredients for Successful NFV

BRKSPG-2402 65


Cisco contributed VPP to Open source

Project at Linux Foundation

• Multi-party

• Multi-project

Software Dataplane

• High throughput

• Low Latency

• Feature Rich

• Resource Efficient

• Bare Metal/VM/Container

• Multiplatform

SR MPLS/IPv6 Ready Today

Virtualisation Platform - FD.io: The Universal Dataplane

BRKSPG-2402 66


Present

VNF & SDN Overlay based Architecture

Need to Service Chain multiple VMs/VNFs

Repeated Overlay Encap/Decap wastes resources

Multiple Layers of Management for Overlay & UP VNFs

Increased Complexity with massive scale

Host

Host OS

Container Engine

A

GW Services L3 Services TDF Services SDNSDN

Common Data Plane Function

Future

Microservices & Containers Based Architecture

Allows flexible selection of Data plane operations based on use-case

Allows efficient use of resources and simplifies Management

Incorporate SDN Overlay and Improve performance with VPP

Expand to support Converged User Plane for diff access and RAN CU

GW-C SDN-C

Host

Host OS

Hypervisor

SDN Overlay

GW Function

Access (GTP)Routing

Networking

Host

Host OS

Hypervisor

SDN Overlay

L3 Functions

SPI/DPI, QoS, Charging

Security, NAT, IPSec

Host

Host OS

Hypervisor

SDN Overlay

TDF Function

Header EnrichPacing

Optimization

B

Virtualisation Platform - 5G Evolution towards Cloud Native

BRKSPG-2402 67


Virtualisation Platform - Cisco NFV Solution Architecture

VNF Manager

Cisco ESC

NFVO, Resource Orchestration & VNF Service Orchestration

NSO – Network Services Orchestrator enabled by Tail-f

North Bound APIs

Virtual Network Functions (Cisco and 3rd Party)

CSR ASAv vPC VMS Video 3rd

Party

Cisco Physical InfrastructureOptional Network VIM(Cisco VTS / Cisco ACI)

Infrastructure Abstraction with RHEL, KVM/Qemu, Host Packages, vSwitches

Cisco NFVI Scope

Network (Nexus)Compute (UCS) Storage (UCS)Infr

astr

uctu

reM

an

ag

em

en

t

Unifie

d M

an

ag

em

en

t

API

GUI

Mo

nito

rin

g a

nd

Assu

ran

ce Virtual Infrastructure

Virtual Storage

(Ceph)

Virtual Compute

(RHEL)

Virtual Network

(OVS, VPP, SR-IOV)

Cisco VIM

XRv vWSA

Red Hat OSP

Cisco VIMLifecycle Manager


Network Element Drivers (NED)

Device Manager

Service Manager

Cisco Network Services Orchestrator (NSO)Service YANG

Models

Device YANG

Models

Network-wide CLI, Web UIREST, Java, NETCONF

Network

Engineer

Mgmt. Apps /

OSS/BSS or

Tenant Portal

End-to-End

Transactions

Day1/Day2

Configurations

NETCONF, CLI, SNMP, REST, etc.

Mapping Life Cycle management – Create, Modify, Delete

PnP Server

(Call Home) Day 0

Configurations

69BRKSPG-2402

Virtualisation Platform - Cisco NFVO Solution (Cisco NSO)


Performance Acceleration,

Enhanced Platform Awareness

Certified by Red Hat

Joint Engineering

Integrated platform Design and Validation

Cisco NFVI Scope




astr

uctu

reM

an

ag

em

en

t

Unifie

d M

an

ag

em

en

t

API

GUI

Mo

nito

rin

g a

nd

Assu

ran


Virtual Storage

(Ceph)

Virtual Compute

(RHEL)

Virtual Network

(OVS, VPP, SR-IOV)

Cisco VIM

Red Hat OSP


70BRKSPG-2402

Virtualisation Platform - Cisco NFVI Solution (Industry Partners)


Performance Acceleration,

Enhanced Platform Awareness

Certified by Red Hat

Joint Engineering

Integrated platform Design and Validation

Simple Access to Support

Single Point of Contact

Cisco NFVI Scope




astr

uctu

reM

an

ag

em

en

t

Unifie

d M

an

ag

em

en

t

API

GUI

Mo

nito

rin

g a

nd

Assu

ran


Virtual Storage

(Ceph)

Virtual Compute

(RHEL)

Virtual Network

(OVS, VPP, SR-IOV)

Cisco VIM

Red Hat OSP


70BRKSPG-2402

Virtualisation Platform - Cisco NFVI Solution (Industry Partners)


`

Access

Carrier-E /

Transport


Edge



VPN CPE

Cust. Prem

Peering

DCI

DCI

DCI

DCI

DCI

DCI

Remote DC

Near Edge

Remote DC

Near Edge

Co-Lo

Co-Lo

Peering

Peering

72BRKSPG-2402

Virtualisation Platform - Distributed NFV Req. (including CRAN)

Branch Solution

KVM-Based

Micro-DC Solutions

OpenStack NFV Solution

(from 3 to 12 computes)

or KVM-Based NFV Solution

Regional-DC Solutions

Hyper-converged


(from 7 to 32 computes)

Cisco NFVI

Full Scale


(128+ computes)


ToR Switch 1

Compute Storage

HyperConverged Pod

ToR Switch 1

Management Node

Controller Node

Controller Node

Controller Node

Compute Storage

Compute Storage

…

30% Footprint reduction60% Footprint reduction

ToR Switch 1

Full-on Pod

ToR Switch 1

Management Node

Controller Node

Controller Node

Controller Node

…

Storage Node

Storage Node

Storage Node

Compute Node

Compute Node Compute Node

Compute Node

ToR Switch 1

Control Storage

MicroPod

ToR Switch 1

Management Node

Control Storage

Control Storage

…

…

Compute

Compute

Compute

Compute Node

Compute Node

Virtualisation Platform - Cisco NFVI R2.x – Deployment Model

BRKSPG-2402 73


Broad and Deep Networking Capabilities

APIC

Programmable SDN Model

Entire Fabric=Model-Based Switch

Integrated Underlay/Overlay

Multiple Sites/Single Policy Domain

N9K Only

Programmable SDN Overlay Model

Cisco VTS

VTS

VXLAN overlay provisioning and management

across N2K-N9K

(MP-BGP/EVPN Control Plane)

Host overlay with vSwitch (with VTF/VPP)

Segment Routing support coming with NCS at

ToR

No Network/SDN Controller

Openstack Neutron

Network connectivity using OVS, Linux

Bridge or SR-IOV,VPP)

Virtualisation Platform - SDN Controller dependent on reqmts.


TOR

TOR

TOR

TOR

PE

PE

PCEP-C

RR

PCEP-C

RR

NSO

Compute

Compute

Compute

Compute

VIM+SDN

VIM/SDN DC Network WAN/MAN

TOR

VNF VNF

VPP

TOR

VNF VNF

VPP

TOR

VNF VNF

EVPN/SR

L2/VLAN

Virtualisation Platform - SR to TOR or to Host/vSwitch

BRKSPG-2402 75


TOR

TOR

TOR

TOR

PE

PE

PCEP-C

RR

PCEP-C

RR

NSO

Compute

Compute

Compute

Compute

VIM+SDN

VIM/SDN DC Network WAN/MAN

TOR

VNF VNF

VPP/vSwitch

TOR

VNF VNF

VPP/Router

TOR

VNF VNF

EVPN/SR

L2/VLAN

Virtualisation Platform - SR to an SR-enabled VNF

BRKSPG-2402 76


Build

• From 4 to 8 computes – total 10 RU

• Phase 0 – Deliverd• Implement NCS5501 as a MPLS CE/PE

• Controller-less model – using Openstack API

• Phase 1 – Concept phase• Evolve to SR to the ToR

• Enhance Openstack API to support SR (under investigation)

• Phase 2 – Radar• SR to the Host / vSwitch using VPP/ML2 plugin

• Scling with move to SRv6

VM

VM

VM

VM

VM

VM

VM

VM

WAN Hand-off PE

DistributedAnycast GWEthernet/ VLAN

WAN

6 t

o 1

0 R

U

77BRKSPG-2402

Virtualisation Platform - SR to TOR : Plan of Intent


Virtualisation Platform - Cisco NFVI Platform Use Cases

Open APIs for Platform Consumption

Cisco NFVI Scope

Mobility(e.g. Cisco Ultra Services

Platform)

Business Services(e.g. Cisco Virtual Managed

Services)

Media and G/Ws(Cisco V2P, Infinite Home,

vPE/vBNG etc.)

3rd party VNFs




astr

uctu

reM

an

ag

em

en

t

Unifie

d M

an

ag

em

en

t

API

GUI

Mo

nito

rin

g a

nd

Assu

ran


Virtual Storage

(Ceph)

Virtual Compute

(RHEL)

Virtual Network

(OVS, VPP, SR-IOV)

Cisco VIM

Red Hat OSP



Virtualisation Platform - Cloud RAN and Mobile CDN

• Two-tier CDN in support of managed video

• Edge-cache to serve popular content

• Mid-tier cache to serve next level

• Streams HTTP and HTTP(s) as well as DRM-protected content

• Delivered virtualized with cloud management

• Edge Cache is a combination of traditional cache service with s/w for optimization of video content delivery like:

• Review buffer support

• Fast channel change

• Operation is based on re-direction

• HTTP(S) (preferred) and DNS-based

Mobile Network

EdgeCache

UP

OMD Director

WANMid-tierCache

DU

eNB

Content Sources

Traffic Router

Operations

Monitor

Stats

Stats DB

eNB

RU

RU

eNB DU

RU

Distributed RAN Cloud RAN

EdgeCache

UP

CU

Edge Cloud

Edge Cloud

BRKSPG-2402 79


Virtualisation Platform - vEPC on Cisco NFVI & 3rd Party VNF

GN & Gi GW-1 &

CGNAT

ASR 9010 Router

GN & Gi GW-2 &

CGNAT

ASR 9010 Router

MPLS / IP-

RAN

BSC/RNC

eNB

Cluster

Remote

SGSN

Iu-PS/ Gb

S1

S4Internet/

Intranet

SGi

SGi

WAPGW

MMSC

etc

Walled garden

iLO

Switch-iLO

Switch

PGW PCRF

Cisco spine

Switch Cisco spine

Switch

Cisco NFVi Cloud

Gi LAN

OWM -

Gi FWO&M

FW

SECGW

VNF

CSM

EMS

ESC VNFM

Prime

EMS

AAA

3rd Party

VNF

Cisco Leaf

SwitchCisco Leaf

Switch

Orchestrator

NSO

DNS

Compute

UCS C240M4

Storage

UCS

5G Ready Network Architecture5G Secure Network


`

Access

Carrier-E /

Transport


Edge



VPN CPE

Cust. Prem

Peering

DCI

DCI

DCI

DCI

DCI

DCI

Remote DC

Near Edge

Remote DC

Near Edge

Co-Lo

Co-Lo

Peering

Peering

82BRKSPG-2402

5G Secure Network - RAN and Mobile Core Attack Scenario’sDevice Threats

Malware

Sensor Susceptibility

TFTP MitM attacks

Bots DDoS

Fireware Hacks

Device Tampering

Air Interface

Threats

MitM attack

Jamming

RAN Threats

MEC Server

Vulnerability

Rogue Nodes

Backhaul Threats

DDoS attacks

CP / UP Sniffing

MEC Backhaul sniff

SGi / N6 & External Roaming Threats

IoT Core integration

VAS integration

App server vulnerabilities

Application vulnerabilities

API vulnerabilities

5G Packet Core & OAM Threats

Virtualization

Network Slice security

API vulnerabilities

IoT Core integration

Roaming Partner vulnerabilities

DDoS & DoS attacks

Improper Access Control


Cisco virtual SecGW for 4G-4G, 5G-5G, 4G-5G integrations

vASA (virtual Security Gateway)

Distributed DC

with UP (4G + 5G)

Centralized DC

with CP (4G + 5G)

4G - eNB

4G - eNB

5G - gNB

5G – gNB / gnNB

S1-MME, N2

83BRKSPG-2402

5G Secure Network - Dist. SeGW for 4G-4G, 5G-5G & 4G-5G


Internet / Services

Compromised VNF’s

Visibility on what is going out / Anomaly detection – Stealthwatch

Block access to malicious servers – Umbrella

User Access policy & Segmentation – ISE + Trustsec

Policy enforcement – ACI

Stealthwatch

Netflow / IPFIX / ETA / VMWare metadata

84BRKSPG-2402

5G Secure Network - Securing Virtualized infrastructures

Umbrella

Malicious Server

CnC Server

NFV POD

Distributed DC

VNF

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKSPG-2402

5G Secure Network - Multi Vector DDoS Protection

NFV POD

Distributed DC

NFV POD

Centralised DC

DDoS protection

with Firepower AMP +

Threat Grid

Malicious Server

CnC Server

Umbrella

VNFVNF

85


5G Secure Network - Rogue Nodes Detection

Stealthwatch

Netflow / IPFIX / ETA / VMWare metadata

NFV POD

Distributed DC

NFV POD

Centralised DC

VNFVNF

Rogue

eNB

Wifi

Small

Cell

NB/eNB/

gNB

Rogue node detection

• Stealthwatch is baselined and tuned on a network topology

• For each new node that is brought onto the network,

including rogue access eNBs, Stealthwatch is monitoring

the traffic flows and recognises that a new host is active.


5G Secure Network - Securing 5G Distributed Core Arch.

N3

N3

(UP and MEC)

N2

N2

N4

N4

NFV POD

Distributed DC

Internet / Services

Secure CP – UP, RAN-CP

& RAN – UP interface

PKI Support

Cisco Firepower &

TrustSec – IPSec &

Segmentation

Secure Central DC

Secure Application Servers

Cisco Firepower & TrustSec –

Secure EW traffic & Segmentation

SCTP, GTP & Diameter inspection

Cisco StealthWatch – Visibility

Cisco DDoS protection

Cisco ISE for enhanced access control

5G RAN

(CP)

NFV POD

Centralised DCSecure Remote DC

Secure MEC Appln & Server

Secure interface

Cisco Firepower & TrustSec - Secure EW

traffic, IPSec & Segmentation

SCTP, GTP & Diameter inspection

Cisco StealthWatch – Visibility

Cisco Umbrella for DNS based protection


Cisco ISE for enhanced access control

DDoS Protection, NGIPS Protection

CGNAT support

URL filtering

Cisco Firepower

Cisco Umbrella for DNS based protection

Cisco DDoS ProtectionBRKSPG-2402 87


5G Secure Network - Mitigating threats in 5G Network Slice

Stealthwatch

Slice A

Slice B

Slice C

Slice D

Network Slicing Segmentation

• Stealthwatch can detect the anomalous behavior and the

slice components / part of the slice components can be

moved to a separate segmented layer allowing only critical

functions to the affected components

• Isolation and Segmentation between the Slices provided

by the Cisco Firepower & TrustSec


`

Access

Carrier-E /

Transport


Edge



VPN CPE

Cust. Prem

Peering

DCI

DCI

DCI

DCI

DCI

DCI

Remote DC

Near Edge

Remote DC

Near Edge

Co-Lo

Co-Lo

Peering

Peering

89BRKSPG-2402

5G Secure Network - Cisco E2E portfolio addressing scenarios

Device

Threats

Cisco Umbrella

Cisco AMP

Air Interface

Threats

Cisco Umbrella

Partner

Controls

RAN

Threats

Cisco Firepower

Backhaul

/Remote DC Threats

Cisco Firepower

Cisco

Stealthwatch

5G Packet Core

& OAM Threats

Cisco Firepower

Cisco Stealthwatch

Cisco ISE

Cisco Umbrella

Cisco Hardened VNF & NFVI

SGi / N6 & External Roaming

Threats

Cisco Firepower

Cisco Stealthwatch

Cisco Umbrella


Conclusions


Cisco 5G-ready Network Positioning Strategy

• Higher Throughout & Densification

• Simplified Cloud-scale Networking

Build 5G Capabilities into existing IP Transport Network1

2• Service Orchestration

• Automation and SDN Control

Orchestration and Automation with Simplified Operations

3• CUPS/Edge Compute/MEC

• Distributed Functions

Evolve to Virtualised solutions with Distributed intelligence

4• Proactive and Reactive

• Integration with device, access, agg. and Core

End-to-End Security from Network to Application

FronthaulBackhaul

Small

Cells

Cellular

Access

(4G, 5G)

SP Wi-Fi

Internet

SR

User Plane/

Service Func.

Edge DC

SRSR

Core

Control Plane

SRSR

Midhaul

Identity & Policy

Orchestration (NSO)

SDN (WAE/XTC)


Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

How

cs.co/ciscolivebot#BRKSPG-2402


• Please complete your Online Session Evaluations after each session

• Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt

• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations

Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at www.ciscolive.com/global/on-demand-library/.

Complete Your Online Session Evaluation

http://ciscolive.com/Online

http://www.ciscolive.com/global/on-demand-library/


Continue Your Education

• Demos in the Cisco campus

• Walk-in Self-Paced Labs

• Lunch & Learn

• Meet the Engineer 1:1 meetings

• Related sessions

94BRKSPG-2402

Thank you

the cisco 5g-ready sp e2e architecture including sdn ... · 1g 2g 3g 4g 5g 1980s 1990s 2000s ......

Documents