Nadeem Zahid is Senior Director Strategy & Cloud for Savvius.
Virtualization is a great example of a technology that’s being used in the data center to improve operational efficiency. After the early waves of virtualization in compute and storage, attention is now being paid to network virtualization. Network Function Virtualization (NFV) puts traditional network services into software that runs on commoditized hardware machines. This has the potential to radically reduce costs and make IT infrastructure more flexible, scalable and cost-effective.
However, NFV also makes networks more complicated and creates new network blind spots. These blind spots make network visibility much more challenging. Traditional network visibility methods include tapping the wire, gathering wireless data, or using traffic mirroring (SPAN) functionality that feeds the data into visibility solutions such as Network Performance Monitoring (NPM) tools. But, NFV interferes with these methods. Let’s look at some of the new blind spots that a virtualized network can exhibit.
First, without physical network devices there’s no wire data to tap into. NFV employs multiple Virtual Network Functions (VNF) that run on top of the server’s compute function, rather than within traditional network nodes such as routers, switches or firewalls. Each VNF is responsible for some specialized function in a "service chain," and if you can’t see that traffic between two VNFs, you can’t isolate issues when something goes wrong. This can lead to arguments among different IT teams when serious problems happen, because it’s very difficult to identify who is responsible.
Next, backhauling NFV traffic to a physical network or packet broker will multiply the traffic, wasting expensive network bandwidth and inducing latency. Some organizations use this as a temporary solution, but it’s not ideal. Backhauling east-west traffic in the north-south direction to feed it into a visibility tool also creates business risk because it competes with the actual mission-critical traffic traversing the same network. If mission critical data can’t get through, business continuity will suffer.
Additionally, this lack of visibility can create bottlenecks than impact the customer experience. A task in an NFV environment like banking online or making a cell phone call might include several VNFs in a chain that are distributed across different machines. If those resources are provisioned close to an existing saturation point and IT cannot see this, they may ask the resource for more than it can give. For example, if bandwidth, CPU and memory resources associated with a virtual-switch on a machine are choking, and that machine is already critical to the NFV service chain, it could create unpredictable performance, such as an end user getting a dropped call or an online service timing out on them.
Without the ability to get visibility into these network blind spots, NFV can quickly turn into “non-functional virtualization” and the business can start losing revenue and customers. What’s the solution? Here are some tips to consider if you’re already running NFV or considering a rollout:
The best way to provision visibility in an NFV environment is to deploy virtualized visibility tools (such as NPM solutions) next to the critical VNF on the same machine in a 1:1 fashion. For less mission-critical functions, aggregated traffic can be relayed to the NPM tool running as a central Virtual Machine (VM) within the same virtual environment or hosted in the cloud.
Be aware of the costs associated with storing and moving of data across boundaries when monitoring SaaS application or the cloud. On the positive side, this approach can give teams access to larger data sets, which could allow the company to use machine learning to predict user behaviors and services.
A good visibility setup should also monitor the infrastructure resources of the machines running VNF. The important VNF east-west traffic can be monitored in real-time or analyzed immediately during stressful situations, even if the external network never sees that traffic. The NFV entry and exit north-south traffic can be monitored through traditional NPM methods or through virtualized tools. This level of complete correlation of NFV-related traffic allows an organization to remotely monitor the entire network to assure business and service continuity. In case of any service interruptions, network data can be captured and analyzed for faster root-cause-analysis. Having coverage for both (east-west and north-south) means teams can quickly investigate and remediate, turning visibility into actions that reduce mean-time-to-service.
NFV creates a new set of visibility challenges in the distributed enterprise and within service provider networks. If you want to eliminate network blind spots and create a high-performance NFV environment, be sure to have a well-planned visibility strategy in place to ensure complete north-south and east-west coverage visibility and confidently maintain a high level of service.
Opinions expressed in the article above do not necessarily reflect the opinions of Data Center Knowledge and Informa.