Etisalat* and intEl –Virtualizing thE intErnEt gatEway gi-lan for sErVicE flExibility

intEl® nEtwork buildErssolution briEf

Introduction

Etisalat Group* is one of the world’s leading telecom groups in emerging markets. Headquartered in Abu Dhabi, Etisalat provides innovative solutions and services to 169 million subscribers in 19 countries across the Middle East, Asia, and Africa.

Etisalat Egypt, with more than 22 million subscribers, is one of the largest communications service providers (CSPs) in Egypt. They are one of the first in the region to enable 3G. With their subscriber base growing rapidly and network usage increasing, they found it necessary to move to a more flexible distributed packet core network infrastructure to meet growing demand and future service requirements such as Internet of Things (IOT).

In 2015, they embarked on a challenging effort to architect and deploy a proof of concept (PoC) test of a Gi-LAN that utilized network functions virtualization (NFV). With NFV, Etisalat Egypt can replace high-cost fixed network function appliances with software applications called virtual network functions (VNFs) running on Intel® architecture servers to offer a more flexible infrastructure for new services.

The Gi-LAN is that part of a mobile network positioned between evolved packet core (EPC) and the Internet gateway. The Gi-LAN provides a number of common services to user data as it flows through the network, including firewall, network address translation (NAT), policy and charging enforcement, and traffic detection (PCEF/TDF), content delivery network (CDN), and video transparent caching and optimization. A typical Gi-LAN supports several million subscribers.

Managing the operations offered by service providers, such as adding new services or increasing capacity of a service, today often requires provisioning of multiple routers, switches, and network elements, which is complex, inflexible, and can delay deployment of new capabilities. This is in addition to the fact that all traffic flows through each of the network elements, even though only a subset of these services may be required.

Dynamic service function chaining (SFC) enables CSPs to automatically and dynamically set up, provision, and manage network services in software without having to make changes to the network hardware. SFC intelligently steers traffic only to the services that are required, helping providers to avoid overprovisioning their network, and instead to scale-up and invest only based on real capacity needs.

This offers operators much greater flexibility and control, as service chains can be fine-tuned. This ensures the appropriate level of service, based on the customer contracts.

The virtualized Gi-LAN PoC proved the viability and performance of a VNF-based implementation, prompting Etisalat Egypt to start deploying the technology for new network expansions. This is in keeping with an ultimate objective of a fully virtualized Gi-LAN based on network functions virtualization.

2

Challenge

Most CSPs’ Gi-LANs are built using inflexible, fixed-function appliance-based architectures. Each CSP has its own architecture and mix of vendors. In order to provide individualized service chains, subscriber groups are initially identified through the use of access point name (APN), which may be refined through the use of preconfigured packet inspection. This requires complex, error-prone manual configuration that can result in inaccurate and inelastic service delivery.

The use of VNFs hosted on standard Intel architecture servers in lieu of hardware appliances makes possible dynamic service function chaining (SFC). Network services can be dynamically set up, configured, and managed to match subscriber profile requirements. Traffic is classified as it enters the Gi-LAN and is guided to appropriate services as dictated by the user’s service profile. For example, a user accessing a corporate business service might need:

• Firewall

• TCP proxy

• NAT

Whereas a consumer accessing video services might need:

• Load balancing

• Content delivery optimization, including web, video, audio, and Internet TV

SFC reduces the time required to offer new innovative services, enabling CSPs to innovate, differentiate,

and create markets for new personalized value-added services that can be quickly productized and offered to subscribers. Examples include video optimization, content caching, parental control, URL filtering, and data security services.

The NFV-based Gi-LAN is granular, scalable, and dynamic. It offers increased service agility while reducing equipment costs, power consumption, and operational expenses.

Solution

In 2015, Etisalat Egypt commissioned AvidBeam Technologies Inc.* to architect and implement a PoC demonstration of a VNF-based Gi-LAN. The PoC was built around an NFV infrastructure (NFVI) that is one of main building blocks in the ETSI NFV framework. The PoC consisted of standard off the shelf Intel processor-based servers from Dell* and Red Hat Linux and hypervisor software for hardware abstraction and virtualization.

A number of VNF elements were used from several vendors:

• Switching – Red Hat Enterprise Linux OpenStack Platform - Neutron and Open vSwitch (OVS)*

• Routing and DNS – Brocade*

• Firewall, distributed denial of service (DDoS) protection, and Carrier Grade NAT (CG NAT) – F5*

• Policy and charging enforcement, and traffic detection (PCEF/TDF) and policy and charging rules function (PCRF) – Sandvine*

• Outbound anti-spam, CDN, transparent proxy caching and video optimization – AvidBeam

3

Figure 1 shows the hardware and software used in the PoC.

During the PoC, multi-vendor VNFs worked smoothly and reliably together with minimum integration complexity. All VNFs were functionally verified. The PoC results using a packet generator were:

• Average delay introduced by seven VNFs was 5.3 ms1

• 1 Gbps line rate1

The successful PoC demonstrated the viability of a virtualized Gi-LAN. Etisalat Egypt is now planning for VNF-based Gi-LANs in its five-year expansion roadmap. Etisalat expects that the move to distributed NFV-based processing will provide them with better performance and the ability to quickly adapt to new technologies, such as 5G and Internet of Things (IoT).

A lower total cost of ownership (TCO) is anticipated, the extent of which will be calculated when the initial deployments are commissioned in a commercial network. Etisalat is expecting that the cost benefit of new Gi-LANs will come from three areas:

• CAPEX - through the use of Intel architecture servers that serve multiple VNF services

• OPEX - due to fewer components, dynamic SFC, and less human intervention

• Faster time to market - less development and shorter time-to-market for new services

Intel Technology

Etisalat and AvidBeam are both members of the Intel Network Builders ecosystem, which was instrumental in the success of the PoC. The Intel Network Builders ecosystem has more than 200 members, including start-ups, industry leaders, communications services providers, and other key companies who are joining with Intel to help CSPs to rapidly adopt NFV and software defined networking (SDN). Intel works with its Intel Network Builders partners on technology integration, marketing, technology development, and proofs of concept.

In fact, the Etisalat Egypt PoC was built entirely from hardware and software selected from Intel Network Builders ecosystem members. Servers powered by Intel® Xeon® processor E5 2600 v3 were used for their support of high-volume networking and multicore execution. Intel Ethernet Controller XL710 network interface cards (NICs) were used to enhance performance.

* Other names and brands may be claimed as the property of others.1 Tests conducted by AvidBeam using Dell R730 Poweredge servers with Intel® Xeon® E5 2690 V3 CPUs with 128G of RAM. Test configuration also included Intel XL710-based controllers operating at 1 Gbps. DDoS was disabled to avoid a false positive attack indication

Figure 1. Hardware and software used in the Etisalat PoC*

4

Intel engineers were a valuable hands-on resource to AvidBeam, acting as design consultants. Likewise, Intel Egypt provided hardware and software resources. Intel’s involvement was key to architecting a carrier grade solution, with high reliability, maintainability, and scalability.

Summary of VNF-based Gi-LAN Features

• Subscriber policies are shared among service functions, such as security and parental controls

• Highly scalable. VNFs may be instantiated as needed to meet demand. Gi-LAN capacity as a whole can be increased by the addition of server blades or servers

• Lower latency for subscribers since distributed packet cores can be located closer to subscribers

Summary of VNF-based Gi-LAN Benefits

• Lower the TCO of the Infrastructure: the virtualization of network functions delivers the compounded benefits of reducing CAPEX hardware investments and all the associated OPEX operational costs (management, space, power, and cooling requirements)

• More subscribers – due to offering flexible, agile, and personalized value-added services

• Faster time-to-market – for new services

• Lower Latency – Distributed Gi-LANs are located closer to subscribers reducing the data transit time resulting in a dramatic reduction in latency

Conclusion

Communications service providers are continuing to look for ways to lower their CAPEX/OPEX in order to increase profits in an era of increasing costs and decreasing revenues. Virtualization of the packet core, and specifically the Gi-LAN, offers an opportunity to satisfy these goals. Etisalat has aggressively pursued this option with a successful PoC that exclusively used VNF-based components.

Based on this success, Etisalat is planning to move to an initial deployment phase that will eventually lead to a full NFV infrastructure, including virtualized voice processing.

5

DisclaimersSoftware and workloads used in performance tests may have been optimized for performance only on Intel microprocessors.

Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products.

For more complete information visit http://www.intel.com/performance.

Intel does not control or audit third-party benchmark data or the web sites referenced in this document. You should visit the referenced web site and confirm whether referenced data are accurate.

Cost reduction scenarios described are intended as examples of how a given Intel-based product, in the specified circumstances and configurations, may affect future costs and provide cost savings. Circumstances will vary. Intel does not guarantee any costs or cost reduction.

© 2016 Intel Corporation. Intel, the Intel logo, the Intel. Experience What’s Inside logo, Intel. Experience What’s Inside, and Intel Xeon are trademarks of Intel Corporation in the U.S. and/or other countries.

*Other names and brands may be claimed as the property of others. 0616/DO/PDF 334607-002US