Technical Field
Embodiments generally relate to network services.
Background
Some modern data networks provide personalized services. Networks may provide connections between clients subject to service level agreements (SLAs) specifying characteristics and performance guarantees. For example, clients may establish a virtual Ethernet connection with a specified dedicated bandwidth.
To these connections, some networks may apply network functions, such as, for example, intrusion detection, firewalls, packet inspection, etc. Providing these functions may require changes to routing of traffic flow to route data to a server that provides the function. For example, an intrusion detection system may inspect sequences of packets to detect and prevent network attacks. Therefore, traffic may be routed through a particular device that provides the intrusion detection function.
Traditional routing algorithms rely on local information at each router regarding its neighboring links and devices to route data. A router maintains such information in a routing table. Based on the destination address of an incoming packet, a router uses its routing table to forward the packet to a specific neighboring device.
A technique, referred to as Software Defined Networks (SDNs), separates the control and forwarding functions into separate devices. A control device may use a global knowledge of the network topology to determine a path through the network of forwarding devices for individual data flows. In this way, the control device may, for example, establish paths that minimize delay or maximize bandwidth through the network, or route a data flow through a particular device that provides a particular network function.
Traditional approaches to providing network functions rely on setting up the function when initiating a network service. For example, a client may establish a virtual Ethernet connection that includes a firewall function at a medium level of security inspection. However, this approach may fail to adequately respond to changing network conditions and may waste resources by processing the network function for the duration of the network service.