Traditionally, network functions (e.g. firewalls, Load Balancers, Deep Packet Inspectors, Network Address Translators, etc.) have been provided as Physical Network Functions (PNFs) on dedicated hardware appliances that typically require physical installation at each site where such PNFs are needed.
Network Functions Virtualization is an emerging approach to transform network functions (NFs) previously performed via proprietary hardware appliances into Virtual Network Functions (VNFs). A network function (NF) is a functional building block within a network infrastructure, which has well-defined external interfaces and a well-defined functional behavior. In accordance with the Network Functions Virtualization approach, NFs can be implemented as application software which can be run on a range of standardized, high-volume servers, switches, and/or storage that can be located, for example, in datacenters, network nodes, end user premises, etc.
Virtualization of NFs enables a standardized execution for VNFs and sharing of physical hardware by multiple VNFs. Implementing a Virtual Network Function decouples the software implementation of the network function from the infrastructure resources it runs on. Thereby, NF virtualization enables a much more flexible and dynamic network than a legacy communication network.
Architecture of telecom services based on Network Function Virtualization (NFV) is detailed, for example, in a series of documents published by the European Telecommunications Standards Institute (ETSI).
Problems of managing services in NF Virtualized networks have been recognized in the conventional art and various techniques have been developed to provide solutions, for example:
US Patent Application No. 2014/0317261 discloses a method of defining interdependent virtualized network functions for service level orchestration. The method can comprise: identifying, by an orchestrator executed by a physical machine, a plurality of virtualized network functions required for implementation of a virtualized network service for a customer, each virtualized network function having a corresponding and distinct virtualized container specifying attributes for defining execution of the corresponding virtualized network function within one or more physical machines; and setting by the orchestrator an interdependency indicator within each virtualized container based on association with the virtualized network service, enabling identification of each of the virtualized network functions as interdependent for coordinated execution of the virtualized network service.
International Patent Application No. WO15/126430 discloses a method of managing virtual network functions for a network. The method includes providing a virtual network function (VNF) including a number of virtual network function components (VNFCs) of a number of different types, each VNFC comprising a virtual machine (VM) executing application software. The method further includes creating for up to all VNFC types a number of deactivated VMs having application software, monitoring at least one performance level of the VNF, and scaling-out the VNF by activating a number of deactivated VMs of a number of VNFC types when the at least one performance level reaches a scale-out threshold.
US Patent Application No. 2015/0082308 discloses a method for implementing an entity of a network by virtualizing the network entity and implementing it on one or more servers each acting as an execution unit for executing thereon one or more applications running and/or one or more virtual machines running on the execution unit. Each of the application programs or virtual machines running on a server and implementing at least a part of the functionality of the network entity is called a virtual network function (VNF) module, wherein a plurality of the VNF modules together implement the network entity to thereby form a virtual network function (VNF). The method comprises: obtaining m key performance indicators (KPI) specifying the required overall performance of the VNF, obtaining n performance characteristics for available types of execution units, determining one or more possible deployment plans based on the obtained m KPI and n performance characteristics, each deployment plan specifying the number and types of execution units, such that the joint performance of VNF modules running on these execution units achieves the required overall performance of the VNF.
US Patent Application No. 2015/0142940 discloses a technique for analyzing virtualization-related information related to a telecommunications network for managing network virtualization. A system for analyzing virtualization-related information can include an information concentrator. The information concentrator can include a first interface for receiving the virtualization related information and an analysis engine for collecting and analyzing the received information, for determining a set of network virtualization related data based on the information, and for directing the network virtualization related data set to a node for making virtualization decisions.
The references cited above teach background information that may be applicable to the presently disclosed subject matter. Therefore the full contents of these publications are incorporated by reference herein where appropriate for appropriate teachings of additional or alternative details, features and/or technical background.
General Description
In accordance with certain aspects of the presently disclosed subject matter, there is provided a method of assessing latency of forwarding data packets in virtual environment. The method comprises: upon specifying a transmitting monitoring point associated with a first virtual function (VF) corresponding to an ingress virtual port of a virtualized platform (VP) running on the computing platform and a receiving monitoring point associated with a second VF corresponding to an egress virtual port of a virtualized platform (VP) running on the computing platform, generating packet signatures (SGs) for at least part of data packets eligible for monitoring, thus giving rise to monitored departing packets, each uniquely characterized by respective departing packet signature SGD and to monitored arriving packets each uniquely characterized by respective arriving packet signature SGA. The method further comprises: maintaining a first data structure comprising a plurality of records related to monitored departing packets associated with the first VF, each record among the plurality of records further informative of, at least, SGD and registered departure time TD of a given departing packet, wherein departure time TD is indicative of departure time of the given departing packet from the first monitoring point Tx; responsive to registering arriving time TA of a given monitored arriving packet SGA associated with the second VF, searching the first data structure for a record matching a matching condition, wherein the matching condition at least comprises requirement that SGD=SGA, and wherein arriving time TA is indicative of arriving time of the given arriving packet at the receiving monitoring point; modifying the matching record, when found, to become informative of latency ΔT=TA−TD and adding the modified matching record to a second data structure storing one or more modified records, each informative of latency measured for forwarding a respective packet from the first monitoring point to the receiving monitoring point; and enabling using data in the second data structure for assessing latency of forwarding packets from the ingress virtual port to the egress virtual port of the virtualized platform.
By way of non-limiting example, Virtualized Platform can be a virtual machine, a virtualized container, a group of virtual machines and/or virtualized containers, a chain of virtual machines and/or virtualized containers.
The matching condition can further comprise a requirement that the given departing packet has departed from the transmitting monitoring point associated with a predefined first VF while the given arriving packet has arrived at the receiving monitoring point associated with a predefined second VF.
The method can further comprise: identifying all VPs involved in data processing related to a certain virtual network function (VNF); specifying the transmitting and receiving monitoring points in accordance with identified VPs; and assessing VNF latency-related characteristics using latencies assessed for forwarding packets from the ingress virtual port to the egress virtual port of each of the involved VP.
In accordance with other aspects of the presently disclosed subject matter, there is provided a network interface module operative in data communication with a computer configured to run at least one VP, the module being capable of providing I/O virtualization for the at least one VP and being configured to perform the method of assessing latency of forwarding data packets in virtual environment as disclosed above.
In accordance with other aspects of the presently disclosed subject matter, there is provided a computing platform comprising a computer configured to run at least one VP and a network interface module configured to provide I/O virtualization for the at least one VP, the module being further configured to perform the method of assessing latency of forwarding data packets in virtual environment as disclosed above.
In accordance with other aspects of the presently disclosed subject matter, there is provided a computing platform comprising a computer configured to run at least one VP, a network interface card (NIC) configured to provide I/O virtualization for the at least one VP and a latency measurement module operatively connected to the NIC and being configured to perform the method of assessing latency of forwarding data packets in virtual environment as disclosed above.
In accordance with other aspects of the presently disclosed subject matter, there is provided a computer program product implemented on a non-transitory computer usable medium having computer readable program code embodied therein to cause the computer to perform the method of assessing latency of forwarding data packets in virtual environment as disclosed above.
In accordance with further aspects and, optionally, in a combination with other aspects of the presently disclosed subject matter, the records in the first data structure can further comprise data derived from transport headers of respective departing packets and/or data derived by deep packet inspection. The records in the second data structure can further comprise data derived from transport headers of respective departing packets and/or data derived by deep packet inspection. Optionally, latency can be assessed in consideration of data derived from transport headers of respective departing packets and/or data derived by deep packet inspection.
In accordance with further aspects and, optionally, in a combination with other aspects of the presently disclosed subject matter, the monitoring points can be specified as a pair constituted by the transmitting monitoring point associated with a predefined first VF and the receiving monitoring point associated with any second VF. Alternatively, the monitoring points can be specified as a pair constituted by the transmitting monitoring point associated with a predefined first VF and the receiving monitoring point associated with a predefined second VF.
Optionally, the ingress virtual port and the egress virtual port can correspond to ingress and egress directions of the same virtual port, and the first virtual function and the second virtual function correspond to ingress and egress directions of the same virtual function.
In accordance with further aspects and, optionally, in a combination with other aspects of the presently disclosed subject matter, all arriving packets can be configured as eligible for monitoring.
In accordance with further aspects and, optionally, in a combination with other aspects of the presently disclosed subject matter, only part of the departing packets can be configured as eligible for monitoring, the part being defined by a predefined downscale ratio. Additionally or alternatively, only departing packets associated with a predefined traffic protocol can be configured as eligible for monitoring.
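The signature-matching method described above (first data structure of SGD/TD records, lookup on SGD=SGA, second data structure of latency records, optional predefined second VF and downscale ratio) can be sketched as follows. This is an added illustration, not code from the disclosure; the class and function names, the BLAKE2b-based signature, the bounded pending table and the sample traffic are assumptions.

```python
import hashlib
from collections import OrderedDict

def signature(packet: bytes) -> bytes:
    # SG: assumed here to be a truncated hash of bytes the VP does not rewrite.
    return hashlib.blake2b(packet, digest_size=8).digest()

class LatencyMonitor:
    def __init__(self, tx_vf, rx_vf=None, downscale=1, max_pending=4096):
        self.tx_vf = tx_vf            # predefined first VF (transmitting point)
        self.rx_vf = rx_vf            # predefined second VF, or None for any
        self.downscale = downscale    # monitor 1 of every N departing packets
        self.max_pending = max_pending  # assumed bound, not from the text
        self.pending = OrderedDict()  # first data structure: SGD -> TD
        self.measured = []            # second data structure: latency records
        self._departed = 0

    def on_depart(self, vf, packet, t_d):
        if vf != self.tx_vf:
            return
        self._departed += 1
        if (self._departed - 1) % self.downscale:
            return                    # not eligible under the downscale ratio
        self.pending[signature(packet)] = t_d
        while len(self.pending) > self.max_pending:
            self.pending.popitem(last=False)  # drop oldest unmatched record

    def on_arrive(self, vf, packet, t_a):
        if self.rx_vf is not None and vf != self.rx_vf:
            return None
        t_d = self.pending.pop(signature(packet), None)  # match: SGD == SGA
        if t_d is None:
            return None               # unmonitored, or never left the VP
        record = {"rx_vf": vf, "t_d": t_d, "latency_ns": t_a - t_d}
        self.measured.append(record)
        return record

    def assess(self):
        lat = [r["latency_ns"] for r in self.measured]
        return {"count": len(lat), "min": min(lat), "max": max(lat),
                "avg": sum(lat) / len(lat)} if lat else None

def demo():
    # Constructed traffic: 4 packets leave VF 1 every 100 ns; 1 in 2 is monitored.
    mon = LatencyMonitor(tx_vf=1, rx_vf=2, downscale=2)
    pkts = [b"constructed-packet-%d" % i for i in range(4)]
    for i, p in enumerate(pkts):
        mon.on_depart(1, p, 1000 + 100 * i)
    for vf, i, t_a in [(2, 0, 1750), (2, 1, 1900), (3, 2, 2000), (2, 2, 2100)]:
        mon.on_arrive(vf, pkts[i], t_a)
    return mon.assess()
```

In `demo()`, the arrival on VF 3 is ignored because the pair is bound to a predefined second VF, and the packet skipped by the downscale ratio produces no latency record.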
Among the advantages of certain embodiments of the presently disclosed subject matter is the capability of latency assessment for services, virtual network functions and/or components thereof based on real-time passive measurement, without a need for test traffic insertion.