Previously published on Light Reading
With NFV, network engineers are going to be swimming in telemetry data collected from both virtualized network functions (VNFs) and from the underlying infrastructure that supports them (e.g. CPU and memory utilization). Will there still be a need for network probes, either physical or virtual?
Well, VNFs (vEPC, vIMS, etc.) won't be able to undertake end-to-end session flow analysis. So, there will still be a need for virtual passive probes to carry out correlation analysis of individual sessions such as a VoLTE call or a video stream. Passive probes enable a rich set of key performance indicators (KPIs) and key quality indicators (KQIs) to be compiled, providing greater visibility into the network than the VNF Manager and the Virtualized Infrastructure Manager alone can provide.
And what about active probes? Well, they too will be deployed to validate VNFs (vEPC, vIMS, etc.) and send the results up to the orchestration layer, in real time, to validate that a service is performing in accordance with its service level agreement (SLA). These active probes will themselves be VNFs and will form part of a wider service chain.
So, while passive probes allow us to understand the quality of the network, active probes enable us to measure the quality of the end user experience.
With NFV, service assurance will no longer be an afterthought or a tool used only to manage high-revenue, SLA-based services. Instead service assurance will become an embedded function of every service to provide systems with a complete overview of the virtual network.
Service assurance relies on network and service level KPIs and KQIs to measure performance. Like in physical networks, these indicators are derived from either active or passive probes. However, in the virtual or hybrid network these probes are implemented in the software layer, as VNFs, rather than in purpose-built hardware.
Traditional networks had fixed, well defined architectures for service mapping and this meant that service assurance could be closely tied to network performance since there was essentially a one-to-one mapping of service flow to network architecture. Virtualized networks break this relationship. In the virtual network, service routing is continuously optimized to address congestion or equipment failure. It is impossible to predict how the service will be mapped through the network at any point in the future, hence there are no obvious places to measure Quality of Service (QoS). With NFV, assurance needs to become an essential part of the service, rather than a part of the network.
Service assurance relies on two different measurement techniques to understand performance: passive probing and active probing. Passive probes monitor data that passes through them, while active probes measure end-to-end performance by generating traffic between each other.
In a traditional network, where the physical network was closely aligned to the service requirements, passive probing was adequate for managing most services since networking metrics like bandwidth utilization or errored frames provided enough insight into performance to allow operations teams to manage issues as they arose. Active probing was typically reserved for high-revenue services with performance-based SLAs.
Passive probing is ideally suited for gathering large amounts of network data and storing it for troubleshooting analysis. Active probing, on the other hand, provides a real-time view of the service -- especially key indicators such as latency, jitter or packet loss (e.g. ITU-T Y.1731 and IETF RFC 5357 TWAMP). Consequently, active probes can be used to provide real-time feedback to orchestration systems for automated network optimization.
Active probing involves injecting traffic at one end and then measuring the impact at the other end. The critical piece of information that is required here is an accurate timestamp from both ends. Passive probing does not give you a real-time, end-to-end view of performance and hence is not used to measure latency or jitter. Active probes can cover a wide list of test capabilities that range from Layer 2 up to application layer. These tests provide proactive insights into the performance of the network and/or service. Rather than having to "wait" for issues to occur in the network (as in the passive approach), analyzing the active tests data in real time provides an accurate view of the degradations, which allows operators to fix problems before they impact the end user.
As Ihab Mahna, solution architect at EXFO, explains: "The importance of active testing is that during normal running of a VNF-based service delays may occur -- not big enough to drop a call and trigger an alarm, but important enough to point to where something might be starting to go wrong."
In a passive-only probing architecture, the degradations observed are on live user traffic. Passive probing is thus a reactive way of monitoring the network whereas active probing is proactive. Active probing is critical, but the combination of both active and passive test provides a more complete picture of end-to-end real-time service monitoring and long term trend analysis. Orchestrating both passive and active tests as part of a VNF service lifecycle will be a key enabler of the closed loop automation that NFV promises.