Nokia Network Services Platform Release 17 Carrier SDN and network management for IP/MPLS, Carrier Ethernet and optical networks. The Nokia Network Services Platform (NSP) is the first carrier software-defined networking (SDN) platform that unifies service automation, network optimization and dynamic assurance so that network operators can deliver on-demand network services efficiently, profitably and with scalability.

The Nokia NSP provides operators with an abstracted and simplified way to define, provision and activate network services across networks that can span multiple layers (Layer 0 to Layer 3), multi-technology services and physical/ virtual infrastructure, as well as equipment from multiple vendors. With the Nokia NSP, service instantiation is intelligent, ensuring that services are mapped to the best available IP and optical network paths. With optimization criteria and constraints specified at service creation, operators can be confident that provisioned services are placed on optimal paths, whether to achieve low latency, cost or utilization, and with service requirements for bandwidth being met on demand. The NSP also continuously adapts and optimizes the network in real time using flow redirection and self-tuned adaptive routing. By intelligently adapting the network to real-time changes in demand and traffic patterns, NSP enables operators to get more out of existing network assets while keeping service quality and network efficiency high.

1

The Nokia NSP extends assurance, such as integrated OAM tests and network and service supervision, to SDN services so operators can move from trial to large-scale deployments. Extending SDN automation to assurance functions ensures ongoing optimization for meeting service level agreements (SLAs) (e.g., latency), improves service/network health and delivers higher network performance — without manual intervention.

Data Sheet Nokia Network Services Platform

Features

Benefits

• Unified automation, optimization and assurance for IP/MPLS, Ethernet, optical and IP/optical networks

• Deliver profitable, on-demand network services

• Abstracted service provisioning automation with network-aware path placement to meet SLAs

• Gain faster, simpler network service innovation and delivery with optimal usage of network paths

• Optimal path instantiation from centralized SDN Path Computation Element (PCE)

• Get more from existing network assets with real-time SDN control that optimizes path instantiation

• Policy-based, real-time network optimization and flow control driven by key performance indicators (KPIs) and analytics

• Enable rapid adaptation to changing demand and traffic patterns with automated assurance actions

• Support for multiple tenants, physical and virtual domains, IP and optical layers, L0 – L3 service technologies and multivendor equipment

• Extend automation, control and assurance across broad scope with flexibility to leverage existing investments

How the Nokia NSP works The NSP addresses the dynamic connectivity needs of cloud applications through on-demand creation, maintenance and removal of IP/MPLS, Ethernet and optical network services and resources. It uses a powerful policy engine and abstracted, standardsbased service models to quickly and efficiently create network services. An intelligent, networkaware service connection manager optimizes the mapping of service connections to network tunnels and resources in real-time. With simple REST/RESTCONF Application Programming Interfaces (APIs), IT and Operations Support Systems (OSSs) and service orchestrators can integrate with the NSP. This set of NSP northbound APIs enables access to abstracted models that hide service provisioning complexity and enable assurance for the Carrier SDN era. The NSP Connected Partner Program certifies third-party application interoperability through the NSP northbound API for leading industry IT/OSS vendors.

2

With multiple southbound device management protocols, the NSP is able to deploy services, paths and other network resources over IP, optical or Carrier Ethernet network equipment and across equipment from multiple vendors.

Product components The NSP consists of seamlessly integrated components: the Network Services Director (NSD) for service automation, various Network Resources Controller (NRC) modules for IP and optical PCEs and flow control, and Network Functions Manager (NFM) modules for IP/MPLS, Carrier Ethernet and optical network management. All modules present the option of adding Assurance and Analytics functions and applications. Modules share a common set of REST/RESTCONF APIs. (See Figure 1.)

Data Sheet Nokia Network Services Platform

Figure 1. Network Services Platform product architecture IT/orchestration layer REST, RESTCONF Carrier SDN management and control Network Services Director (NSD) Analytics & Assurance

Network Functions Manager (NFM)

Network Resource Controller-X (multi-domain, multi-layer) NRC-T transport

NRC-P packet

NRC-F flow

NFM-P packet

NFM-T transport

Multi-vendor mediation plug-ins NETCONF/YANG, SNMP, CLI

Topology discovery (IS-IS, OSPF/TE, BGP-LS)

PCEP

Network programming (BGP FlowSpec, OpenFlow)

Multivendor IP/optical network with physical/virtual components

Network Services Director The Network Services Director (NSD) is the network service fulfillment module of the NSP. It automates IP/MPLS, Carrier Ethernet and optical service provisioning by mapping abstract service definitions to detailed service templates using operatordefined policies. It also provides provisioning for complex multi-technology services across multidomain networks. The NSD maintains abstracted service models that are “Yet Another Next Generation” (YANG) standards-based and maps these to devicespecific models that are normalized for multivendor provisioning transparency. A key benefit of the NSD provisioning is that it is network-aware and manages a centralized database of service connection resources (tracking tunnel bandwidth). This means that as it provisions services, it performs an inline optimal path selection through an intelligent path search within its database, which finds available paths that will best meet required bandwidth, span, latency, cost, path diversity and other constraints. Through tracking link state in its centralized database, including link utilization, the NSD uses policies to direct incoming service connection requests to tunnels/paths that use less-utilized links. In this way, the NSD can avoid potential congestion. 3

The NSD allows operators to customize the binding of service connections to tunnels/paths by letting them define service-specific policies. If there is no service connection path that meets the specified requirements (i.e., if one does not currently exist or if none have the required characteristics), then through policy the NSD can leverage the NRC to establish a new path. The NSD works in conjunction with the NSP Assurance and Analytics function for use-cases such as IP/optical network-aware provisioning automation with service validation, and bandwidth-on-demand for IP/optical services with Link Aggregation Group (LAG) re-sizing. (See Assurance and Analytics section, Figures 2 and 3.)

Network Resource Controller The Network Resource Controller (NRC) performs multi-domain and multi-layer path computations across IP/MPLS, optical or IP/optical networks. The NRC serves path connection requests from the NSD, OSSs and orchestration systems, and physical/virtual network elements. Because the NRC is centralized, it has the full IP/optical network view required to calculate the optimal path for any combination of business objectives (e.g., lowest cost) and technical constraints (e.g., exact bandwidth or latency required). Data Sheet Nokia Network Services Platform

The NRC is standards-based on a stateful PCE architecture. It employs various path optimization algorithms to ensure the best path placement for services and load-balancing for path distribution across the network. This includes the Nokia Bell Labs Self-Tuned Adaptive Routing (STAR) algorithm which is proven to be able to place 24 percent more paths on the network than with present modes of operation using Constrained Shortest Path First (CSPF). The NRC leverages these algorithms to release stranded bandwidth, to intelligently distribute tunnels/paths across the network so that operators can get more from existing networks, and to eliminate the need for manual stitching of inter-area and IP/optical paths.

The NRC-F addresses several use cases, including: • Congestion resolution with flow re-direction to alternate paths (See Assurance and Analytics section, Figures 4 and 5) • VIP-source subnet-based steering and VIP link management • Per-Autonomous System (AS)-based traffic optimization • Egress peer engineering • Distributed denial of service (DDoS) mitigation

Network Resource Controller – Packet The NRC-P manages the creation of Label Switched Paths (LSPs) across IP network elements and supports both Resource Reservation Protocol (RSVP) Sophisticated service and network KPIs and analytics and segment routing (SR) LSP technologies. The serve as triggers for policies that adapt the network NRC-P maintains an enhanced Interior Gateway by re-routing paths or adding more bandwidth to Protocol-Traffic Engineering (IGP-TE) topology and a service connections as necessary. current path database that is synchronized with the By reducing complexity, enabling more effective use network elements. of network assets and lowering overall congestion, The NRC-P is open and standards-based. It the NRC allows network operators to reduce overall communicates with network elements like IP routers CAPEX and OPEX and increase revenue from using Path Computation Element Communication existing assets. Protocol (PCEP) and leverages multiple techniques for topology discovery, including Traffic Engineering The NRC is comprised of four modules: (TE), Extensions to Open Shortest Path First (OSPF• Network Resource Controller – Flow (NRC-F) TE), Intermediate System-to-Intermediate System (IS-IS) TE, and Border Gateway Protocol - Link State • Network Resource Controller – Packet (NRC-P) (BGP-LS). • Network Resource Controller – Transport (NRC-T) Network Resource Controller – Transport • Network Resource Controller – X (NRC-X) The NRC-T manages the creation of a transport path Network Resource Controller – Flow connection for Layer 1 optical transport networks and Layer 0 wavelength division multiplexing (WDM) The NRC-F is the flow controller module of the networks. The NRC-T maintains an optical topology NSP that leverages flow-based protocols such as and current path database that is synchronized OpenFlow and BGP FlowSpec to perform intelligent with the network elements and takes physical layer traffic steering analysis and automate policy-based redirection as needed, at the granularity of flows or knowledge such as impairments into consideration routes. It intelligently steers traffic onto the various to ensure that optimal paths are computed. alternate paths in the network that are determined to alleviate congestion and/or deliver the traffic in a more optimal or load-balanced way.

4

Data Sheet Nokia Network Services Platform

Network Resource Controller – X The NRC-X controls hybrid inter-domain and interlayer (IP/optical) path calculation and optimization. It functions across multiple routing domains, multiple transport domains or a combination of routing and transport domains. It serves as a parent to the NRC-P and NRC-T when required to dynamically calculate optimal paths through hybrid IP/optical networks. Additionally, it serves as a parent to thirdparty SDN controllers and PCEs.

Network Functions Manager The Network Functions Manager (NFM) performs comprehensive network management for network infrastructure deployment, provisioning, maintenance, statistics collection, proactive OAM testing, troubleshooting and OSS mediation. The NFM provides base fault, configuration, accounting, performance and security (FCAPS) management with many advanced extensions for network deployment automation, service templates and assurance. The NFM is comprised of two modules: • Network Functions Manager – P (NFM-P), and • Network Functions Manager – T (NFM-T) Network Functions Manager – P The NFM-P enables IP network and service management across all domains of IP/MPLS and Carrier Ethernet networks across access, aggregation, metro and core. It also delivers unified operations, whether network services are running in a virtualized environment or on specialized hardware platforms. This includes mobile management from backhaul to packet core (including the latest Nokia cloud-based Evolved Packet Core [EPC] solution), as well as IP/microwave transmission. The NFM-P provides an advanced scripting framework to enable customized programmatic control for automation of network deployment, audits and bulk maintenance changes. Its golden configuration and snapshots application bring enhanced integrity to network deployment that

5

reduces mis-configurations. It provides multivendor route analytics through its Control Plane Assurance Manager (CPAM) application. The NFM-P also delivers an integrated carrier-grade Virtual Network Functions VNF manager (VNFM) for Nokia IP Routing and EPC VNFs which fits into ETSI NFV management and orchestration (MANO) environments leveraging OpenStack. Network Functions Manager – T The NFM-T centralizes and consolidates multiple functions for the management of optical networks from access to metro to core. The NFM-T allows network operations staff to efficiently plan, deploy and manage the optical network over its complete life cycle. It also provides element, network and service management that supports multiple optical technologies, services and network sizes. The NFM-T provides common optical management for end-to-end operations. This includes service provisioning over multi-technology optical transport networks (SDH/SONET, Carrier Ethernet, WDM, reconfigurable optical add-drop multiplexer (ROADM), OTN and packet). Fault management web apps reduce the time and cost of network and service assurance operations. A common northbound API enables OSS integration.

Assurance and Analytics Comprehensive network and service assurance from the NSP’s Analytics and Assurance functions are an integrated option available for all NSP modules. These integrated capabilities are required to ensure effective realization of many carrier SDN use cases. To bring carrier SDN from lab trials to live deployment, assurance and analytics with automated actions and abstracted day-to-day operations visibility will be critical. The NSP Assurance and Analytics functions are needed to ensure that operations keep pace by driving and automating smarter services placement on network resources so that requested SLAs can be honored.

Data Sheet Nokia Network Services Platform

Figure 2. IP/optical network-aware provisioning automation with service validation 3

“Gold” service policy triggers action to automatically run OAM tests to validate that the provisioned service meets “Gold” performance standards

1 “Gold” service provisioning request

Assurance & Analytics*

NSD

WAN SDN controller

4 Service performance is validated

Ce pa ntra th lize sel d ec tio n

NSD service model (YANG)

NSD Automates service provisioning with smart placement onto best path that meets requirements

PE 2

Best path is selected to meet specific service requirements and constraints of “Gold” service policy

PE

Assurance & Analytics* Automates test creation, execution and reporting for immediate service validation

*Assurance & Analytics may be provided with NFM or NSD or NRC modules.

Traditionally, once a service was instantiated, operators continuously surveyed alarms/KPIs and took manual actions (or, at best, userdriven, partially automated actions) to continue safeguarding SLAs. As network service delivery becomes more dynamic and network demand and traffic patterns become less static and predictable, operators need a higher level of network and service supervision visibility and automated control. This is required in order to keep up with the higher rate of changes to the network and services. The NSP Assurance and Analytics functions utilize automation from the SDN control layer so they can keep up with the dynamic provisioning and optimization of SDN networks. These closed-loop assurance capabilities leverage KPIs and analytics to drive automated policy-based optimization and OAM actions to improve overall service health and network efficiency from initial delivery to day-to-day operations. An example is using NSD for service provisioning to enable IP/optical network-aware path placement automation with service validation. (See Figure 2.)

6

In addition, service/network supervision visibility is needed for operators to efficiently stay in step with network events and provide the correlation needed to perform intelligent root-cause and services impact analysis. Because dynamic assurance is only as good as the data that feeds it, NSP Assurance and Analytics functions include policy triggers that encompass analysis/correlations from both IP and optical layers, and from both physical and virtual domains. For example, with the NSP Assurance and Analytics functions that monitor link utilization, a service managed in NSD can be set up to be monitored and will trigger (through a raised threshold alert) the dynamic resize of bandwidth using the LAG connectivity in an IP/MPLS or Carrier Ethernet network. And for integrated IP/optical network services, this can in turn re-size capacity for the underlying optical transport service through adding optical channels. (See Figure 3.) These monitored “LAG services” are then resized down when the high utilization across the service subsides.

Data Sheet Nokia Network Services Platform

Figure 3. Bandwidth on demand for IP/optical services with LAG resizing 1 Monitors interface bandwidth utilization for services on LAGs

2 Bandwidth utilization threshold crossed on monitored LAG interfaces

3 Automates LAG resize to increase bandwidth available to service

6 Congestion is cleared

ic e m siz na reDy AG L

WAN SDN controller

4

Assurance & Analytics*

NSD

Bandwidth utilization TCA

Assurance & Analytics* Monitors bandwidth utilization for IP/MPLS interfaces on LAGs and provides NSD with RCA alarm NSD Automates LAG re-size on real-time event notification from Assurance & Analytics

New interfaces added to LAGs PE

PE

5 New IP links and associated optical channel now operational *Assurance & Analytics may be provided with NFM or NSD or NRC modules.

NSP Assurance and Analytics also feeds the NSP NRC modules with the KPIs needed to deliver intelligent steering and load-balancing of traffic. KPIs enable analytics-driven policies that automate actions to ensure critical SLAs are met and that optimal use of IP/optical assets is made. To avoid network congestion, traffic flows can be redirected, new multi-layer paths established, or existing paths resized dynamically, as dictated by policy. Dynamic tuning of network resources, such as re-directing

traffic flows and services onto alternate paths, will also free up assets to generate additional revenue for carriers. NRC-F works in conjunction with the NSP’s Assurance and Analytics functions that collect link utilization and flow statistics and automatically monitors for congestion. When a traffic precongestion situation is detected, the NRC-F steers traffic flows (according to defined policy) onto alternate paths that avoid congestion – well before service quality is impacted. (See Figure 4.)

Figure 4. Traffic flow control for resolving congestion 1 Monitors links for congestion, collects MPLS flow stats

2 Detects congestion and identifies top elephant flows

3 Select traffic flows candidate for offloading to alternate path

NRC (NRC-F)

OpenFlow controller

Assurance & Analytics* O ad pen d/ Fl de ow l/m fl od ow

4 Policy-based steering selects top flows to re-direct to alternate path using NRC-F OpenFlow controller

5 Congestion is cleared

Assurance & Analytics* Data collection, KPI/TCA management, reporting

Congestion TCA

NRC (NRC-F) Intelligently steers traffic flows at the edge nodes to alternate path during congestion

OpenFlow switch Re-direction to alternate path

*Assurance & Analytics may be provided with NFM or NSD or NRC modules.

7

Data Sheet Nokia Network Services Platform

When the NRC-F does not find an alternate adequate path, it triggers the NRC-P to compute a new path and create it based on policy. (See Figure 5.) Figure 5. Traffic flow control with path computation and instantiation to resolve congestion 2

4 Detects no alternate path is available to re-direct

NRC (NRC-F and NRC-P) OpenFlow controller

Assurance & Analytics*

8 Congestion is cleared

w flo w od Flo /m en del Op dd/ a

3 Select traffic flows candidate for offloading to alternate path

1 Monitors links for congestion and collects MPLS flow stats

Detects congestion and identifies top elephant flows

Assurance & Analytics* Detects congestion, KPI/TCA management, reporting

5 NRC-F triggers NRC-P to create new alternate path 6 NRC-P computes new path and creates it based on policy

Congestion OpenFlow switch

7 Steers selected top flows to new alternate path (policy-based) using NRC-F OpenFlow controller

NRC (NRC-F and NRC-P) Creates new path and intelligently steers traffic flows Creation of alternate path + re-direction of flows to new path

*Assurance & Analytics may be provided with NFM or NSD or NRC modules.

Multi-tenancy for Network-as-a-Service (NaaS) The NSP enables the creation of virtual network slices, also known as network partitioning, allowing the independent existence of multiple tenants on a single physical infrastructure. Each enterprise on the operator’s network has its own virtual network, distinct, secure and independent of other enterprises’ services and of the operator’s own production network.

8

The enterprise has complete end-to-end visibility of its services and the ability to monitor SLAs, turn up new services, change bandwidth between sites, re-route services between sites and rapidly adapt to changing service requirements or network conditions. The operator retains a global view of the network and the ability to manage and monitor all elements.

Data Sheet Nokia Network Services Platform

Technical specifications NSP platform • Hardware platform: x86 Quad Core, 16 Gb RAM • Hypervisors: Linux Kernel-based Virtual Machine (KVM) • OS: Red Hat® Enterprise Linux® RHEL 7.0 • Database: PostgreSQL • Topology Graph DB: Neo4j • Telemetry DB: Vertica • Messaging: kafta • Logging: elastic • Registry: Apache Zookeeper • Single Sign-On (SSO): Apereo CAS • Security: Authentication based on OpenStack Identity Service (Keystone) • Multi-tenancy: Service and resource tenant-based views and span of control – Supports creation of virtual network slices, also known as network partitioning – Allows independent existence of multiple tenants on a single physical infrastructure • Multi-vendor mediation framework supporting:

NSD • Service provisioning for: – Layer 0, 1 and 2 optical services – Virtual private network (VPN) services - Layer 2 and Layer 3 VPN – Ethernet Line (E-Line) – Bandwidth on demand – Complex multi-technology services - Example: Ethernet services into L3 VPN with VLAN handoffs to form a single VPN service (all supporting common QoS tunnel policy) • Service provisioning path placement objectives to optimize selection for: – Hop (span) – Latency (μs – microseconds) – Cost – Link utilization • Service Call Admission Control (CAC) at access interface granularity • Path diversity constraints, enforcing service paths selected are disjoint (bidirectionally or for protection at node or link granularity), e.g., for LSPs, Shared Risk Link Group (SRLG) paths, etc.

– Specific device driver modeling

• Dynamic IP and optical service bandwidth resizing triggered via monitored LAG links

– Standard YANG models, e.g., OpenConfig

• Policies/templates: Configured through GUI

• North-bound integrations (OSS and service orchestration): REST/RESTCONF APIs, HTML5based NSP GUI portal • Abstracted YANG object model accessible through north-bound API

NRC-F (Flow) • Supports OpenFlow, BGP FlowSpec and IP Flow Information Export (IPFIX)

• High availability per component • Common for carrier SDN modules: – Performance monitoring: Statistics for links, tunnels and flows – Multi-layer visualization of service connections and tunnels/paths

9

Data Sheet Nokia Network Services Platform

NRC-P (Packet)

NFM-P (Packet)

• IP/MPLS PCE based on IETF standards

• IP/MPLS network management for:

• PCEP standards compliance, including support for Include Route Object (IRO)

– IP access, aggregation, metro, core (including Virtual Network Functions)

• PCE leverages Nokia Service Router Operating System (SROS) technology

– Carrier Ethernet

– Segment Routing TE (SR-TE) and RSVP-TE LSPs – Multi-area CSPF path computation for IS-IS and OSPF • Self-Tuned Adaptive Routing (STAR) and policydriven path (re-)optimization • Global concurrent optimization (GCO) • Bandwidth management for Path Computation Client (PCC) LSPs (RSVP-TE and SR-TE)

– Mobile backhaul – Mobile packet core (including Nokia cloudbased EPC solution) – IP/microwave • See NSP NFM-P datasheet for more information.

NFM-T (Transport) • Optical network management for: – SDH/SONET

• Real-time path/tunnel monitoring

– Carrier Ethernet

NRC-T (Transport)

– WDM

• Optical PCE leverages Nokia 1830 PSS GMPLS Wavelength Routing Engine (WRE) technology • Layer 0 and Layer 1 tunnel/path computation

– ROADM – OTN – Packet optical

• Real-time path/tunnel monitoring

Assurance and Analytics • Support IP, optical and integrated IP/optical networks and services – Functions with NSP SDN modules to extend SDN policy-based actions to automate closed-loop assurance • Telemetry monitoring for pre-congestion scenarios to trigger closed-loop automated actions • Service and network supervision and assurance, including: – Health and KPI summary dashboards – Threshold configuration – Network and service topologies – Automated OAM test suite creation and testing • Link utilization topology visualization and interface summary views • Advanced fault management – Alarm correlation – Root-cause tree and impact analysis fault views – Event timelines • Analytics reporting 10

Data Sheet Nokia Network Services Platform

Carrier SDN standards Path Computation Element (based on Nokia SROS supporting IETF standards and drafts) • PCE – RFC 4655: Path Computation Element (PCE) – RFC 5440: Path Computation Element (PCE) Communication Protocol (PCEP) – draft-ietf-pce-stateful-pce: PCEP Extensions for Stateful PCE – draft-ietf-pce-segment-routing: PCEP Extensions for Segment Routing – draft-alvarez-pce-path-profiles: PCE Path Profiles • BGP-LS – RFC 7752: North-Bound Distribution of LinkState and Traffic Engineering (TE) Information Using BGP

Flows • OpenFlow – OpenFlow Switch Specification version 1.3.1 • BGP Flow Spec – RFC 5575: Dissemination of Flow Specification Rules • IPFIX – RFC 5101: Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information – RFC 5102: Information Model for IP Flow Information Export

APIs • NETCONF – RFC 6241: Network Configuration Protocol (NETCONF) – RFC 6242: NETCONF over SSH • Representational State Transfer (REST)

– draft-gredler-idr-bgp-ls-segment-routing-ext: • RESTCONF BGP Link-State extensions for Segment Routing – draft-ietf-netconf-restconf: RESTCONF Protocol • ISIS/OSPF extensions – RFC 7684: OSPFv2 Prefix/Link Attribute Advertisement – draft-ietf-ospf-segment-routing-extensions: OSPF Extensions for Segment Routing – draft-ietf-isis-segment-routing-extensions: IS-IS Extensions for Segment Routing

Data models

• RFC 6020: YANG data modeling language for NETCONF • RFC 6991: Common YANG Data Types • RFC 7224: IANA Interface Type YANG Module • RFC 7950: YANG 1.1 Data Modeling Language • RFC 7951: JSON Encoding of Data Modeled with YANG • draft-ietf-i2rs-yang-network-topo: A Data Model for Network Topologies • draft-ietf-teas-yang-te: A YANG Data Model for Traffic Engineering Tunnels and Interfaces • draft-ietf-teas-yang-te-topo: YANG Data Model for TE Topologies

11

Data Sheet Nokia Network Services Platform

Related materials • Network Services Platform web page – includes related NSP application notes and technical papers • Video channel for Network Services Platform – includes NSP demo videos and product tours

Nokia is a registered trademark of Nokia Corporation. Other product and company names mentioned herein may be trademarks or trade names of their respective owners. Nokia Oyj Karaportti 3 FI-02610 Espoo Finland Tel. +358 (0) 10 44 88 000 Product code: PR1609022786EN (October)

© Nokia 2016

nokia.com