🧭 Northbound APIs – Detailed Topics to Expand in Exams
1. Definition & Role
High-level API that enables communication from Applications to the SDN Controller.
It abstracts the network complexity and exposes programmable interfaces.
2. Examples of Northbound APIs
REST (Representational State Transfer)
gRPC (Google Remote Procedure Call)
GraphQL (in advanced SDN apps)
JSON/XML over HTTP
3. Use Cases
QoS (Quality of Service) management
Application-aware routing
Traffic shaping & prioritization
Policy-based security enforcement
Dynamic service chaining
4. Northbound API Design Goals
Simplicity and flexibility
Vendor neutrality
Scalability and automation
Programmability for 3rd party applications
5. Security Considerations
Authentication of apps accessing the controller
Authorization and API tokens
Logging API access and operations
6. Real-World Applications
Cisco ACI (Application Centric Infrastructure) uses northbound REST APIs.
OpenDaylight’s DLUX GUI interacts with the controller via northbound APIs.
🔽 Southbound APIs – Detailed Topics to Expand in Exams
1. Definition & Role
A set of APIs that allow SDN Controllers to communicate with underlying network devices like
switches, routers, and firewalls.
2. Popular Southbound Protocols
OpenFlow – most common, standardized by ONF
NETCONF – network configuration protocol (uses XML)
OVSDB – used for managing Open vSwitch
BGP-LS – BGP Link State for topology exchange
SNMP – traditional but still used in hybrid networks
gNMI/gNOI – emerging telemetry/control protocols
3. OpenFlow – Deep Dive
Flow tables and flow entries
Match-action rules
Flow priorities and timeouts
Table miss handling
Flow counters/statistics reporting
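Added example (not from the original notes and not code from any real switch or controller): a toy flow table in Python that shows the five items above working together: match-action rules, priorities, idle/hard timeouts, table-miss handling and per-entry counters. The class names, the packet dictionaries and the symbolic action labels are assumptions made for illustration.

```python
from dataclasses import dataclass

TABLE_MISS_PRIORITY = 0  # OpenFlow 1.3+: the table-miss entry is priority 0 and matches everything


@dataclass
class FlowEntry:
    match: dict             # header field -> required value; absent field = wildcard
    actions: list           # symbolic labels; in real OpenFlow "drop" is an empty action list
    priority: int = 1
    idle_timeout: int = 0   # seconds without a hit before removal (0 = never)
    hard_timeout: int = 0   # seconds after install before removal (0 = never)
    installed_at: float = 0.0
    last_hit: float = 0.0
    packet_count: int = 0   # per-entry counters, reported to the controller as flow statistics
    byte_count: int = 0

    def matches(self, pkt):
        return all(pkt.get(k) == v for k, v in self.match.items())

    def expired(self, now):
        if self.hard_timeout and now - self.installed_at >= self.hard_timeout:
            return True
        return bool(self.idle_timeout) and now - self.last_hit >= self.idle_timeout


class FlowTable:
    def __init__(self):
        self.entries = []

    def install(self, entry, now):
        entry.installed_at = entry.last_hit = now
        self.entries.append(entry)
        # Highest priority first. Overlapping entries at equal priority are
        # undefined in OpenFlow; this toy keeps install order for ties.
        self.entries.sort(key=lambda e: -e.priority)

    def process(self, pkt, now):
        """Return the actions of the highest-priority matching entry."""
        self.entries = [e for e in self.entries if not e.expired(now)]
        for e in self.entries:
            if e.matches(pkt):
                e.packet_count += 1
                e.byte_count += pkt["len"]
                e.last_hit = now
                return e.actions
        # No entry matched and no table-miss entry is installed:
        # the OpenFlow 1.3 default is to drop the packet.
        return ["drop"]

    def stats(self):
        return [(e.priority, e.match, e.packet_count, e.byte_count) for e in self.entries]


def demo():
    """Constructed packets run through a three-entry table."""
    t = FlowTable()
    # Table-miss: send unmatched packets to the controller.
    t.install(FlowEntry({}, ["controller"], priority=TABLE_MISS_PRIORITY), now=0)
    # Forward traffic for one host; remove the rule after 30 idle seconds.
    t.install(FlowEntry({"ip_dst": "10.0.0.5"}, ["output:2"], priority=10, idle_timeout=30), now=0)
    # More specific, higher-priority policy rule: block telnet to that host.
    t.install(FlowEntry({"ip_dst": "10.0.0.5", "tcp_dst": 23}, ["drop"], priority=100), now=0)

    web = {"ip_dst": "10.0.0.5", "tcp_dst": 443, "len": 1500}
    telnet = {"ip_dst": "10.0.0.5", "tcp_dst": 23, "len": 60}
    other = {"ip_dst": "10.0.0.9", "tcp_dst": 80, "len": 100}
    results = {
        "web": t.process(web, now=1),               # priority-10 rule forwards it
        "telnet": t.process(telnet, now=2),         # priority-100 rule wins over priority 10
        "miss": t.process(other, now=3),            # only the table-miss entry matches
        "web_after_idle": t.process(web, now=40),   # forwarding rule idled out at t=31
    }
    return results, t.stats()


if __name__ == "__main__":
    results, stats = demo()
    for name, actions in results.items():
        print(name, actions)
    for row in stats:
        print(row)
```

Once the forwarding rule has idled out, the same web packet falls through to the table-miss entry, so short timeouts trade flow-table space for extra controller round trips.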
4. Device Discovery & Topology Management
Controller uses LLDP (Link Layer Discovery Protocol) via southbound to auto-discover devices and
links.
Southbound APIs help gather topology and configure paths.
5. Traffic Engineering
Controller modifies flow entries to reroute traffic during congestion or failure.
6. Telemetry & Monitoring
Devices report back flow statistics (bytes transferred, number of packets, etc.) to the controller via
southbound APIs.
Useful for network analytics, anomaly detection, and automated scaling.
7. Challenges with Southbound APIs
Interoperability with legacy devices
Scalability (many switches, frequent updates)
Performance and latency in flow rule installations
🧱 Comparison Summary for Answer Structure
Aspect | Northbound API | Southbound API
Purpose | App → Controller communication | Controller → Device communication
Level | High-level abstraction | Low-level device configuration
Examples | REST, gRPC, GraphQL | OpenFlow, NETCONF, OVSDB
Target Audience | Developers, Network apps | Network devices (switches, routers)
Data Format | JSON/XML | Binary/XML/OpenFlow Messages
Focus | Policy, service requests | Flow rules, monitoring, stats
Challenges | Standardization, app integration | Vendor support, protocol efficiency
🔁 SDN Control Flow with Northbound & Southbound APIs
SDN Architecture:
Layer | Definition | Functions | Examples
Application Layer | The topmost layer in SDN containing network applications that define desired network behaviour and services. | Sends requirements to controller via Northbound API; implements logic for QoS, security, load balancing, etc. | Firewall, Load Balancer, Routing apps
Control Layer | The middle layer, also called the SDN Controller, which acts as the network brain by translating app-level policies into low-level rules. | Communicates with apps (northbound) and devices (southbound); manages network topology, routing, monitoring | OpenDaylight, ONOS, Ryu
Infrastructure Layer | The lowest layer consisting of physical or virtual devices that perform data forwarding as per the controller’s instructions. | Executes forwarding, dropping, or modifying packets; reports stats and events to the controller via Southbound API | Open vSwitch, SDN-enabled routers/switches
📝 Q: Explain the SDN Approach Requirements. (16 Marks)
✅ 1. Introduction (Definition) – 2 Marks
Software Defined Networking (SDN) is a networking paradigm that separates the control plane from the
data plane, enabling centralized control, network programmability, and dynamic management.
To achieve these benefits, SDN requires certain architectural, functional, and operational capabilities.
✅ 2. Core Requirements of SDN Approach – 10–12 Marks
Break this into clearly labeled subheadings:
A. Separation of Control and Data Planes
Traditional networks have distributed control.
SDN logically centralizes the control plane in the controller, separating it from the data plane
(switches/routers).
This enables easier management, automation, and flexibility.
B. Centralized Network Control
SDN requires a centralized controller that maintains a global view of the network.
This helps in:
o Dynamic path computation
o Network monitoring
o Quick fault response
C. Programmability
Network behaviour must be programmable via software, not hardware-bound.
Controllers must support APIs (especially Northbound APIs) so applications can define traffic
policies, rules, and routing logic.
D. Standardized Interfaces
To ensure interoperability:
o Southbound API (e.g., OpenFlow) is needed to communicate with infrastructure.
o Northbound API (e.g., REST) is needed for applications to talk to the controller.
E. Global Network View (Abstraction)
The controller should abstract network resources and present a simplified, logical topology to
applications.
Applications shouldn’t worry about physical device complexities.
F. Modularity
SDN components (applications, controller, devices) must be modular and loosely coupled.
Enables independent updates, third-party apps, and easy scalability.
G. Scalability and Flexibility
SDN should support:
o Large-scale networks
o Dynamic addition/removal of devices
o Integration with cloud/data center infrastructure
H. Security and Access Control
SDN must provide secure communication between controller and devices.
Authentication, role-based access, and traffic encryption are necessary.
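Added example (not from the original notes and not any controller's real API): one way a controller could gate northbound requests, covering both this requirement and the northbound "Security Considerations" list earlier (authenticating apps, authorization with API tokens, logging API access). The token format, role names, resource names and signing key are hypothetical, and transport encryption (TLS) is assumed to be handled in front of this check.

```python
import base64
import hashlib
import hmac
import json

SECRET = b"constructed-demo-key"  # constructed value; a real deployment loads this from a secret store

# Hypothetical role model: role -> (HTTP method, resource) pairs the app may call.
ROLE_PERMS = {
    "monitor": {("GET", "topology"), ("GET", "flows")},
    "policy-admin": {("GET", "topology"), ("GET", "flows"),
                     ("POST", "flows"), ("DELETE", "flows")},
}


def _b64(data):
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(app_id, role, expires_at, key=SECRET):
    """Token = base64(claims) + "." + base64(HMAC-SHA256 over the encoded claims)."""
    claims = {"app": app_id, "role": role, "exp": expires_at}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    sig = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
    return body + "." + sig


def verify_token(token, now, key=SECRET):
    """Return the claims, or None if the token is missing, malformed, altered or expired."""
    try:
        body, sig = token.split(".")
        expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(sig)):  # constant-time comparison
            return None
        claims = json.loads(_unb64(body))
        return claims if claims["exp"] > now else None
    except (AttributeError, KeyError, TypeError, ValueError):
        return None


def authorize(method, resource, token, now, audit):
    """Authenticate, check the role, and record every decision (allow or deny)."""
    claims = verify_token(token, now)
    if claims is None:
        decision, reason = "deny", "unauthenticated"
    elif (method, resource) not in ROLE_PERMS.get(claims.get("role"), set()):
        decision, reason = "deny", "role lacks permission"
    else:
        decision, reason = "allow", "ok"
    audit.append({"ts": now, "app": claims.get("app") if claims else None,
                  "method": method, "resource": resource,
                  "decision": decision, "reason": reason})
    return decision == "allow"


def demo():
    """Constructed requests from two hypothetical apps."""
    audit, now = [], 1000
    monitor = issue_token("traffic-dashboard", "monitor", expires_at=now + 300)
    admin = issue_token("qos-app", "policy-admin", expires_at=now + 300)
    # Claims edited to a higher role while keeping the old signature: must be rejected.
    edited = _b64(json.dumps({"app": "traffic-dashboard", "role": "policy-admin",
                              "exp": now + 300}, sort_keys=True).encode())
    altered = edited + "." + monitor.split(".")[1]
    outcomes = [
        authorize("GET", "flows", monitor, now, audit),       # read-only app reads flows
        authorize("POST", "flows", monitor, now, audit),      # read-only app tries to write
        authorize("POST", "flows", admin, now, audit),        # admin app installs a flow policy
        authorize("POST", "flows", altered, now, audit),      # signature no longer matches
        authorize("POST", "flows", admin, now + 600, audit),  # token has expired
        authorize("GET", "topology", None, now, audit),       # no token presented
    ]
    return outcomes, audit


if __name__ == "__main__":
    outcomes, audit = demo()
    for allowed, record in zip(outcomes, audit):
        print(allowed, record)
```

Denied requests are logged as well as allowed ones, so repeated failures from one app are visible in the audit trail.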
I. Support for Legacy Systems (Hybrid SDN)
SDN should allow gradual migration by supporting hybrid networks, where traditional and SDN
components coexist.
J. Real-time Monitoring and Analytics
Requirements include telemetry and statistics collection for real-time visibility and performance
optimization.
1. Definition of SDN
SDN (Software Defined Networking) is an architecture that separates the control plane (decision-making)
from the data plane (packet forwarding), enabling centralized network management via software.
Key points:
Uses a controller to programmatically manage network devices.
Eliminates manual configuration of individual switches/routers.
Promotes network automation and flexibility.
SDN Controller
The SDN Controller is the centralized "brain" of a Software-Defined Network, responsible for managing
flow control and decision-making.
Functions:
o Communicates with switches/routers via Southbound APIs (e.g., OpenFlow).
o Maintains a global network view for optimized traffic routing.
o Dynamically updates flow tables in network devices.
Examples: OpenDaylight, ONOS, Ryu, POX.
SDN Architecture
1. Introduction
Software Defined Networking (SDN) is an innovative network architecture that
decouples the network control logic (control plane) from the underlying routers and
switches that forward the traffic (data plane). This allows for centralized network
control and easier programmability.
2. Key Components of SDN Architecture
Control Plane and Data Plane Separation
o Traditionally, network devices like routers and switches had both control
and data planes embedded.
o In SDN, the control plane is separated and centralized, which allows better
network management and dynamic policy enforcement.
o The data plane remains on forwarding devices, which simply follow
instructions given by the controller.
SDN Controller
o The controller is the central unit that controls the entire network. It
decides how packets should flow and communicates this to network
devices.
o It maintains a real-time map of the network and allows automation of
traffic control.
o Examples: OpenDaylight, Ryu, ONOS.
Southbound APIs (e.g., OpenFlow)
o Southbound interfaces enable communication between the SDN controller
and network devices.
o OpenFlow is the most widely used protocol that allows the controller to
instruct devices on how to handle network traffic.
o It helps in configuring flow tables dynamically.
Northbound APIs
o These APIs allow communication between the controller and the
applications running on top of it.
o They abstract the network details and allow apps like load balancers,
firewalls, and routing algorithms to function.
o This makes the network programmable and responsive to real-time needs.
3. SDN Architecture Diagram
Application Layer (Apps like firewall, monitoring, etc.)
Control Layer (SDN Controller)
Infrastructure Layer (Switches, Routers)
Show Northbound and Southbound APIs connecting layers
4. Advantages of SDN Architecture
Centralized control simplifies management.
Programmability allows rapid deployment of new services.
Flexibility and automation improve network efficiency.
Vendor independence through standard APIs.
1. Application Layer
This is the topmost layer consisting of network applications and services such as
firewalls, intrusion detection systems, load balancers, and traffic analyzers.
These applications define network behavior or policies and interact with the
controller through Northbound APIs.
The Application Layer is responsible for the intelligent decision-making part of
the network.
2. Control Layer (SDN Controller)
The Control Layer sits in the middle and consists of one or more SDN
Controllers.
It acts as the brain of the network, maintaining a global view and making
decisions based on the inputs from applications.
It communicates with both the Application Layer (via Northbound APIs) and the
Infrastructure Layer (via Southbound APIs).
3. Infrastructure Layer (Data Plane)
This is the bottom layer and consists of physical or virtual network devices like
switches and routers.
These devices forward data packets based on the instructions received from
the controller.
Communication between this layer and the controller is handled by
Southbound APIs, such as OpenFlow.
🌐 Standards Developing Organizations, Industry Consortia, and Open Development Initiatives
1. Introduction
With the growth of Software Defined Networking (SDN) and Network Function Virtualization (NFV), it
became essential to establish common frameworks, standards, and tools to ensure interoperability,
scalability, and faster adoption. This led to the formation of various standards bodies, industry consortia,
and open-source initiatives.
These groups help in:
Creating and maintaining global standards
Encouraging collaboration between vendors and developers
Building reference models and open tools for real-world use
2. Standards Developing Organizations (SDOs)
These are formal bodies that define official standards for SDN and NFV.
ETSI (European Telecommunications Standards Institute)
The most important body for NFV. ETSI defines the NFV architecture — including components like
VNFs, MANO, and NFVI — and provides guidelines for service chaining and orchestration.
IETF (Internet Engineering Task Force)
Works on developing protocols like OpenFlow, Path Computation Element (PCE), and extensions to
existing IP protocols for SDN environments.
IEEE (Institute of Electrical and Electronics Engineers)
Sets standards for Ethernet, virtualization, network interface behavior, and supports work on SDN
interfaces and frameworks.
3. Industry Consortia
These are collaborative groups formed by companies, service providers, and academic institutions to drive
innovation and adoption.
ONF (Open Networking Foundation)
A leading body for SDN. It promotes the OpenFlow protocol and defines open standards and
architectures for programmable networks.
MEF (Metro Ethernet Forum)
Focuses on network-as-a-service (NaaS) and lifecycle orchestration frameworks that integrate well
with SDN/NFV for carrier-grade networks.
TM Forum
Works on digital transformation models. It provides operational frameworks and standards for
managing complex services in SDN/NFV-enabled environments.
4. Open Development Initiatives (Open-Source Projects)
These are community-led or industry-sponsored open-source software platforms that offer tools and
frameworks to build real SDN/NFV solutions.
OpenDaylight
An open-source SDN controller project that supports multiple southbound protocols like OpenFlow,
NETCONF, and BGP.
ONAP (Open Network Automation Platform)
A complete automation platform for managing and orchestrating VNFs and network services. It
combines real-time analytics, policy engines, and orchestration tools.
OPNFV (Open Platform for NFV)
Provides a reference platform for testing and integrating NFV solutions, often based on ETSI
standards.
OpenStack
Although not exclusive to NFV, OpenStack is widely used for managing virtualized resources
(compute, network, and storage) and is commonly adopted as part of NFVI in NFV deployments.
5. Conclusion
Standards Developing Organizations, Industry Consortia, and Open Development Initiatives play a vital role
in shaping the future of programmable and virtualized networks. They ensure that different vendor
technologies work together, reduce costs through open tools, and accelerate the commercial deployment
of SDN and NFV.
NFV Principles
Decoupling Network Functions from Proprietary Hardware
Network functions such as firewalls, routers, and load balancers were traditionally delivered through
proprietary hardware appliances. NFV changes this by allowing these functions to be implemented in
software, running on generic commercial hardware. This decoupling makes the network more flexible and
cost-effective by eliminating the need for specialized devices.
Virtualization of Network Services
NFV introduces the concept of transforming physical network functions into virtual instances called
Virtualized Network Functions (VNFs). These VNFs operate within virtual machines or containers on top of
a hypervisor, abstracted from the physical resources. This allows network functions to be deployed,
upgraded, and scaled without direct hardware dependency.
Dynamic and Elastic Resource Allocation
One of the fundamental strengths of NFV is its ability to dynamically allocate resources to network
functions based on current demand. Instead of pre-allocating fixed resources, NFV enables real-time
scaling, where virtual functions can be added, removed, or resized automatically, enhancing performance
and resource efficiency.
Automation and Orchestration of Network Operations
NFV leverages centralized automation systems to handle the deployment, configuration, monitoring, and
life-cycle management of VNFs. This orchestration minimizes manual intervention, accelerates service
delivery, and reduces operational costs while maintaining service reliability.
Programmability and Service Agility
With NFV, network behaviors can be modified or extended through software updates rather than physical
reconfiguration. This programmability ensures that service providers can quickly adapt to changing
customer needs, deploy new services rapidly, and innovate without being tied to hardware limitations.
Service Function Chaining
NFV supports chaining of multiple VNFs to form a complete end-to-end service. For example, a service
chain may include a firewall, intrusion detection system, and network address translation. These chains are
logically defined and can be easily modified to reflect new service policies or customer requirements
without rewiring the physical network.
Support for Multi-Tenancy and Isolation
In an NFV environment, multiple virtualized network services can coexist on the same infrastructure while
being logically isolated. This allows multiple customers or departments to use shared hardware securely,
with each VNF instance isolated to prevent interference or data leakage between tenants.
NFV high-level framework:
1. Virtualized Network Functions (VNFs)
Definition and Purpose:
Virtualized Network Functions (VNFs) are the software-based equivalents of traditional network
appliances like routers, firewalls, load balancers, and intrusion detection systems. Instead of residing on
dedicated physical hardware, these functions run as software modules on virtual machines (VMs) or
containers within a virtualized environment.
Structure:
Each VNF may consist of one or more VNF Components (VNFCs). These components are the building
blocks of a VNF and are designed to operate collectively to deliver a complete network function. For
example, a virtual firewall VNF might include components for traffic filtering, logging, and rule
management.
Characteristics:
VNFs are modular, scalable, and replaceable, meaning that service providers can deploy, modify, and scale
them on demand without needing to change the underlying hardware. They are also vendor-neutral,
enabling interoperability and flexibility in network design.
Role in NFV:
VNFs are the core service elements that actually process network traffic. All other components in the NFV
framework exist to support, manage, and optimize the deployment and operation of these functions.
2. NFV Infrastructure (NFVI)
Definition and Purpose:
The NFV Infrastructure (NFVI) is the foundation layer that provides the physical and virtual resources
needed to host and connect VNFs. This includes compute, storage, and networking resources, as well as
the virtualization layer that abstracts these resources from the hardware.
Components:
Physical Resources: These are the actual hardware components such as servers (for computing),
storage drives, and network switches/routers.
Virtual Resources: These are the virtual instances of the above, like virtual CPUs (vCPUs), virtual
memory, virtual NICs (vNICs), and virtual disks created by the virtualization layer.
Virtualization Layer: This is typically a hypervisor (e.g., KVM, VMware ESXi) or a container runtime
(e.g., Docker) that sits between the physical hardware and the VNFs. It allows multiple VNFs to
share the same physical resources securely and efficiently.
Functionality:
The NFVI is responsible for resource abstraction, allocation, and management, making it possible for VNFs
to be dynamically deployed on a shared pool of resources. It also ensures isolation between VNFs and
maintains performance consistency even when multiple VNFs operate on the same hardware.
Importance:
The efficiency, scalability, and reliability of the entire NFV ecosystem are highly dependent on the
robustness of the NFVI. It enables multi-tenancy, dynamic scaling, and failover capabilities, which are all
essential for modern cloud-native networking.
3. NFV Management and Orchestration (MANO)
Definition and Purpose:
MANO is the centralized management layer in the NFV framework, responsible for the orchestration,
lifecycle management, and coordination of VNFs and NFVI resources. It ensures that all components in the
NFV ecosystem are operating in harmony and that services can be deployed, monitored, scaled, and
terminated efficiently.
Subcomponents:
a) NFV Orchestrator (NFVO):
The NFVO oversees the end-to-end lifecycle of network services. It coordinates with VNF Managers and the
Virtualized Infrastructure Manager to instantiate and connect multiple VNFs into coherent service chains.
It also handles resource requests, policy enforcement, and high-level automation of services.
b) VNF Manager (VNFM):
The VNFM is responsible for managing the lifecycle of individual VNFs. This includes tasks such as VNF
instantiation, configuration, scaling (in/out), healing, and termination. Each VNFM interacts with the
VNFs it manages and can either be specific to a vendor or generic for multiple VNFs.
c) Virtualized Infrastructure Manager (VIM):
The VIM manages the NFVI's compute, storage, and network resources. It handles resource allocation,
monitoring, and reporting. The VIM also exposes APIs to both the VNFM and NFVO, facilitating the
translation of service-level requirements into infrastructure-level actions. Popular VIM solutions include
OpenStack and VMware vCloud.
Role and Importance:
MANO is the control center of the NFV framework. Without it, deploying VNFs would require significant
manual configuration, defeating the purpose of NFV’s agility. MANO makes NFV programmable, efficient,
and scalable, aligning with cloud-native service delivery models.
In summary, these three domains—VNFs, NFVI, and MANO—together form the structural backbone of
any NFV-based system. VNFs perform the actual network tasks, NFVI provides the environment to run
them, and MANO ensures they are deployed and maintained efficiently.
NFV Benefits
Reduced Capital and Operational Expenditure (CAPEX & OPEX), Faster Service Deployment and
Time-to-Market, Scalability and Elasticity, Vendor Independence and Flexibility, Improved Automation and
Agility, Support for Multi-Tenancy and Better Resource Utilization.
NFV Reference Architecture
The NFV reference architecture is a conceptual model defined by ETSI (European Telecommunications
Standards Institute) that describes how various functional blocks interact in a virtualized network
environment. It provides a high-level blueprint for implementing NFV solutions in a modular,
interoperable, and scalable manner.
At its core, the architecture consists of three main components: Virtualized Network Functions (VNFs),
NFV Infrastructure (NFVI), and NFV Management and Orchestration (MANO). These components interact
over well-defined reference points and support functions like communication, security, and lifecycle
management.
Virtualized Network Functions (VNFs)
These are the software-based instances of traditional network appliances, like routers, firewalls, and
load balancers. Each VNF runs on a virtual machine or container and performs a specific network
function. VNFs are modular and can be combined to build complex network services.
NFV Infrastructure (NFVI)
This layer contains the physical hardware (servers, storage, and network), the virtualization layer (like
hypervisors or container runtimes), and the virtualized resources (like virtual CPUs, memory, and virtual
NICs). It is the environment where VNFs are deployed and executed. The NFVI also includes mechanisms
for isolation, resource pooling, and performance assurance.
NFV Management and Orchestration (MANO)
MANO is the brains of the NFV architecture. It is responsible for coordinating the deployment,
configuration, scaling, monitoring, and termination of VNFs. It interacts with both the VNFs and the NFVI
to ensure services are delivered as intended, and resources are managed efficiently.
Reference Points and Interfaces
The architecture also defines reference points (e.g., Or-Vi, Vi-Vnfm, Or-Vnfm) that represent standard
interfaces between different components. These interfaces ensure that components from different
vendors can communicate and work together in a compliant NFV environment.
Supporting Components
In addition to the main blocks, the architecture includes service catalogs, repositories (for VNF
packages), policy engines, analytics modules, and external systems like OSS/BSS (Operations and
Business Support Systems). These components enable automation, billing, policy enforcement, and
service chaining.
The ETSI NFV reference architecture thus promotes interoperability, reusability, and flexibility, allowing
service providers to build programmable, vendor-neutral, and agile networks that can adapt to future
demands.
NFV Management and Orchestration (MANO)
NFV MANO is a critical part of the NFV architecture, introduced by ETSI to handle the complete lifecycle
management of both VNFs and the NFV infrastructure. It ensures that all network functions and
resources are orchestrated, monitored, and managed in an automated and efficient manner.
MANO consists of three functional blocks, each with a distinct responsibility, but closely integrated to
deliver end-to-end automation and control.
1. NFV Orchestrator (NFVO)
The NFVO is responsible for the overall orchestration of network services across the NFV environment. It
manages the network service lifecycle—right from service instantiation and scaling to termination. It
coordinates with other MANO components to fulfill service requests and allocates resources from the
NFVI. It also handles service chaining, where multiple VNFs are linked logically to create a complete
service.
The NFVO also interacts with external systems like OSS/BSS for service requests, monitoring, and billing.
It ensures policies are enforced and makes high-level decisions regarding where and how services should
be deployed.
2. VNF Manager (VNFM)
The VNFM manages the lifecycle of individual VNFs. This includes instantiating a VNF, configuring it,
updating it, scaling it up or down, healing it during faults, and finally, terminating it when no longer
needed. Each VNFM may manage one or more VNFs, and in some cases, specialized VNFMs are used for
vendor-specific VNF packages.
The VNFM also handles the deployment of VNF configuration data, and works closely with both the
NFVO and the VIM to ensure resource availability and compliance with performance standards.
3. Virtualized Infrastructure Manager (VIM)
The VIM manages the NFVI resources, including compute, storage, and network components. It abstracts
the physical infrastructure and presents it to the higher layers as virtual resources. The VIM is
responsible for resource allocation, monitoring, capacity planning, and maintaining isolation between
different tenants or services.
Common examples of VIM platforms include OpenStack, VMware vSphere, and Red Hat OpenShift. The
VIM ensures that the underlying hardware is efficiently used and that performance guarantees are met.
Inter-Component Communication
The three MANO components communicate over well-defined interfaces:
The NFVO communicates with VNFM using the Or-Vnfm interface.
The VNFM communicates with the VIM using the Vi-Vnfm interface.
The NFVO also directly interacts with the VIM through the Or-Vi interface.
These interfaces are crucial for maintaining interoperability and modularity in multi-vendor
deployments.
Importance of MANO
NFV MANO brings automation, intelligence, and agility to the NFV ecosystem. Without MANO, deploying
virtualized network services would be a manual, error-prone, and slow process. MANO enables dynamic
scaling, fault tolerance, policy-driven orchestration, and real-time monitoring, making modern telecom
networks cloud-native and service-centric.
MODULE – III:
SDN Application Plane Architecture
The SDN Application Plane is the topmost layer in the SDN architecture. It contains various network
applications that use the controller's services to manage and optimize network behavior. The architecture
mainly includes:
Northbound Interface (NBI)
The Northbound Interface allows communication between the SDN controller and external applications.
It uses APIs (like REST APIs) to expose the network’s abstracted state to developers.
NBIs help applications make network decisions without knowing the hardware details.
Network Application
Network applications are software programs that run on top of the SDN controller using the Northbound
Interface.
Examples include load balancers, firewalls, and intrusion detection systems.
These apps use the controller’s data to monitor, analyze, and control network behavior.
User Interface
The User Interface in SDN provides a visual or command-line interface to network administrators.
It helps configure network services and view traffic statistics or topology.
This interface improves usability and simplifies overall network management.
Network Services
Network Services in SDN are modular functions like routing, switching, and security controls.
They are provided by the controller and can be dynamically adjusted by applications.
These services ensure efficient traffic handling and policy enforcement.
Network Services Abstraction Layer
The Network Services Abstraction Layer in SDN provides a simplified interface for applications to interact
with the network, hiding the complexities of the underlying hardware. This layer allows developers to
program network behavior without needing to manage individual devices. It enables centralized control
and facilitates the implementation of network policies and services.
Frenetic in SDN
Frenetic is a high-level programming language designed for SDN that simplifies the development of
network applications. It provides abstractions for common networking tasks, allowing developers to
specify network behavior declaratively. This facilitates easier implementation of complex functionalities
like traffic engineering, monitoring, and security policies within the SDN framework.
Traffic Engineering
Traffic Engineering (TE) in SDN involves optimizing the flow of data across the network to improve
performance and resource utilization. Using tools like Frenetic, network operators can:
Prioritize Traffic: Assign higher priority to critical data flows to ensure timely delivery.
Load Balancing: Distribute network traffic evenly across multiple paths to prevent congestion.
Dynamic Rerouting: Automatically redirect traffic in response to network failures or congestion,
maintaining optimal performance.
These capabilities are achieved through the centralized control and programmability offered by SDN,
enabling real-time adjustments to network behavior.
Measurement and Monitoring
Effective network management requires continuous measurement and monitoring of traffic. In SDN, this is
facilitated by the controller's global view of the network, allowing for:
Real-Time Data Collection: Gathering statistics on packet counts, flow durations, and bandwidth
usage.
Anomaly Detection: Identifying unusual traffic patterns that may indicate security threats or
performance issues.
Performance Optimization: Using collected data to make informed decisions about traffic routing
and resource allocation.
Frenetic aids in implementing these monitoring functions by providing a framework for specifying and
collecting the necessary metrics.
Security
Security within SDN is enhanced through centralized policy enforcement and dynamic response
capabilities. With tools like Frenetic, SDN can:
Implement Access Controls: Define and enforce rules about which devices or users can access
certain network resources.
Detect and Mitigate Attacks: Identify malicious traffic patterns, such as Distributed Denial of
Service (DDoS) attacks, and take immediate action to block or reroute traffic.
Isolate Compromised Devices: Quickly remove affected devices from the network to prevent the
spread of threats.
The programmability of SDN, combined with the abstractions provided by Frenetic, allows for rapid
development and deployment of security measures tailored to specific network needs.
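Added example (not from the original notes, and plain Python rather than Frenetic code): the monitoring-to-mitigation loop described in the Measurement and Monitoring and Security sections, run over two constructed polls of flow statistics. The record fields, the thresholds and the drop-rule dictionary format are assumptions for illustration.

```python
from statistics import median

# Constructed flow-statistics polls taken 10 seconds apart (cumulative packet counters).
POLL_T0 = [
    {"ipv4_src": "10.0.0.11", "ipv4_dst": "10.0.1.5", "packets": 1200},
    {"ipv4_src": "10.0.0.12", "ipv4_dst": "10.0.1.5", "packets": 900},
    {"ipv4_src": "10.0.0.13", "ipv4_dst": "10.0.1.5", "packets": 1500},
    {"ipv4_src": "10.0.0.14", "ipv4_dst": "10.0.1.5", "packets": 50000},
    {"ipv4_src": "10.0.0.66", "ipv4_dst": "10.0.1.5", "packets": 2000},
    {"ipv4_src": "10.0.0.66", "ipv4_dst": "10.0.1.6", "packets": 1000},
]
POLL_T10 = [
    {"ipv4_src": "10.0.0.11", "ipv4_dst": "10.0.1.5", "packets": 1500},
    {"ipv4_src": "10.0.0.12", "ipv4_dst": "10.0.1.5", "packets": 1100},
    {"ipv4_src": "10.0.0.13", "ipv4_dst": "10.0.1.5", "packets": 1900},
    {"ipv4_src": "10.0.0.14", "ipv4_dst": "10.0.1.5", "packets": 250},   # counter restarted
    {"ipv4_src": "10.0.0.66", "ipv4_dst": "10.0.1.5", "packets": 62000},
    {"ipv4_src": "10.0.0.66", "ipv4_dst": "10.0.1.6", "packets": 41000},
]


def source_rates(prev, curr, interval_s):
    """Packets per second per source, summed over that source's flows."""
    before = {(f["ipv4_src"], f["ipv4_dst"]): f["packets"] for f in prev}
    rates = {}
    for f in curr:
        old = before.get((f["ipv4_src"], f["ipv4_dst"]), 0)
        # A cumulative counter that went backwards means the flow entry expired
        # and was reinstalled, so the new value is counted from zero.
        delta = f["packets"] - old if f["packets"] >= old else f["packets"]
        rates[f["ipv4_src"]] = rates.get(f["ipv4_src"], 0.0) + delta / interval_s
    return rates


def flag_outliers(rate_by_src, k=6.0, floor_pps=100.0):
    """Flag sources above median + k * MAD, and never below an absolute floor."""
    values = list(rate_by_src.values())
    if not values:
        return []
    med = median(values)
    mad = median(abs(v - med) for v in values)   # median absolute deviation
    threshold = max(med + k * mad, floor_pps)
    return sorted(src for src, rate in rate_by_src.items() if rate > threshold)


def quarantine_rules(sources, priority=1000, hard_timeout=300):
    """High-priority, time-limited drop rules (hypothetical dictionary format)."""
    return [{"match": {"ipv4_src": src},
             "actions": [],                 # empty action list = drop
             "priority": priority,
             "hard_timeout": hard_timeout}  # rule removes itself, so a false positive heals
            for src in sources]


def detect(prev=POLL_T0, curr=POLL_T10, interval_s=10):
    rates = source_rates(prev, curr, interval_s)
    flagged = flag_outliers(rates)
    return rates, flagged, quarantine_rules(flagged)


if __name__ == "__main__":
    rates, flagged, rules = detect()
    print(rates)
    print(flagged)
    print(rules)
```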
NFV Principles (Network Function Virtualization Principles)
Network Function Virtualization (NFV) is a revolutionary concept in modern networking. It aims to
transform how network operators deploy and manage network services by using virtualization
technologies to run network functions as software on general-purpose hardware.
1. Decoupling of Network Functions from Hardware
Traditional network functions (like firewalls, routers, etc.) were tightly coupled with dedicated
hardware appliances.
NFV decouples these functions and allows them to run as software-based VNFs (Virtual Network
Functions) on commercial off-the-shelf (COTS) servers.
This leads to faster deployment and reduced hardware dependency.
2. Use of Standard IT Virtualization Techniques
NFV leverages virtualization technologies such as hypervisors and virtual machines (VMs) or
containers.
These techniques help abstract the physical hardware, allowing multiple VNFs to run on the same
physical infrastructure efficiently.
Improves resource utilization and enables multi-tenancy.
3. Dynamic Scalability and Flexibility
One of the key principles of NFV is to enable on-demand scaling of network services.
VNFs can be instantiated, scaled, or removed dynamically based on network load.
This allows elasticity in managing traffic spikes or failures, improving service availability.
4. Centralized Management and Orchestration (MANO)
NFV includes a standardized management framework called MANO (Management and
Orchestration).
MANO handles the lifecycle management of VNFs, such as deployment, scaling, updating, and
termination.
It also manages resource allocation across compute, storage, and network infrastructure.
5. Automation of Network Services
NFV enables automated provisioning and configuration of network functions, reducing manual
effort.
Integration with SDN (Software Defined Networking) helps in automating service delivery and
traffic routing.
Automation reduces operational cost and human error.
6. Service Chaining and Faster Innovation
NFV allows service function chaining (SFC) – combining multiple VNFs into a logical sequence (e.g.,
firewall → load balancer → intrusion detection).
This modular approach enables rapid deployment of new services and promotes innovation.
Operators can introduce new features without hardware upgrades.
7. Reduced Capital and Operational Expenditure (CAPEX & OPEX)
By moving away from specialized hardware, NFV reduces CAPEX (hardware costs).
OPEX is reduced due to easier management, automation, and energy efficiency.
Resources can be shared and reused, optimizing infrastructure usage.
8. Support for Multi-Vendor Environments
NFV promotes open standards and interoperability, allowing service providers to use VNFs from
different vendors.
Reduces vendor lock-in and gives flexibility in choosing the best solutions.
NFV Architecture
🔹 Introduction
Network Function Virtualization (NFV) is a network architecture concept that uses virtualization
technologies to manage core networking functions (like routers, firewalls, load balancers) as
software-based VNFs on standard hardware.
It reduces dependency on proprietary hardware and increases flexibility, scalability, and
cost-efficiency in telecom networks.
Key Components of NFV Architecture (As per ETSI framework):
1. Virtual Network Functions (VNFs)
These are software implementations of network functions.
Examples: Firewall (FW), Intrusion Detection System (IDS), Load Balancer, etc.
Can be deployed, scaled, and terminated dynamically.
2. NFV Infrastructure (NFVI)
NFVI stands for Network Functions Virtualization Infrastructure. It is the foundation layer of the NFV
architecture that provides the hardware and software resources required to support the execution of
Virtual Network Functions (VNFs).
Role of NFVI
Acts as the execution environment for VNFs.
Provides resource abstraction and isolation.
Interacts with the VIM (Virtualized Infrastructure Manager) for resource allocation and monitoring.
Components of NFVI:
o Physical resources: CPU, memory, storage, networking (COTS hardware).
o Virtual resources: vCPU, vNIC, vDisk created via hypervisors like KVM, VMware ESXi.
Includes a virtualization layer (hypervisor) to manage resource abstraction.
3. Management and Orchestration (MANO)
Handles the entire lifecycle and orchestration of VNFs and NFVI.
MANO stands for Management and Orchestration, and it is a crucial functional block within the
NFV (Network Functions Virtualization) architecture, defined by ETSI. It is responsible for the
automation, orchestration, and lifecycle management of network services and Virtual Network
Functions (VNFs). MANO ensures that virtualized resources and VNFs are deployed, configured, and
maintained efficiently.
Sub-components:
o NFV Orchestrator (NFVO):
NFVO (Network Functions Virtualization Orchestrator) is a core component of the MANO
framework in NFV. It is responsible for the end-to-end orchestration and management of
network services across the virtualized infrastructure.
Manages network service lifecycle (instantiation, scaling, termination).
Coordinates resources across multiple VIMs.
o VNF Manager (VNFM):
Manages individual VNF lifecycles (start, stop, scale).
Interfaces with both VNFs and NFV Orchestrator.
o Virtualized Infrastructure Manager (VIM):
Controls and manages NFVI resources (compute, storage, network).
Responsible for allocating virtual resources.
🔹 Diagram of NFV Architecture (figure not included)
REQUIREMENTS OF VNF:
🔹 1. Portability of VNFs
VNFs should run on different hardware and virtualization platforms without changes.
Promotes vendor independence and flexibility.
🔹 2. Dynamic Scaling
VNFs must support elastic scaling based on traffic or resource demand.
Includes both horizontal scaling (adding/removing instances) and vertical scaling (adding/removing
resources like CPU/RAM).
🔹 3. Performance Optimization
Must meet performance targets similar to traditional network appliances.
Should support:
o CPU pinning
o NUMA awareness
o I/O acceleration (e.g., SR-IOV, DPDK)
🔹 4. Automation
Entire lifecycle of VNFs (deployment, monitoring, healing, scaling) must be automated.
Requires MANO framework for orchestration.
🔹 5. Interoperability and Standardization
NFV systems must follow open standards (e.g., ETSI) to ensure compatibility across vendors.
Enables integration with legacy systems and third-party components.
🔹 6. Security and Isolation
Virtualized environments must:
o Isolate VNFs from each other
o Provide secure interfaces
o Protect data in transit and at rest
Support role-based access, firewalls, encryption, etc.
🔹 7. Resource Management and Multi-tenancy
Should support multiple tenants (e.g., different customers or services) securely and efficiently.
Resource allocation should be dynamic and policy-driven.
🔹 8. Resiliency and Fault Management
NFV should detect and recover from hardware or software failures automatically.
Support self-healing mechanisms and redundancy.
🔹 9. Service Continuity
During updates, scaling, or migration, services must remain uninterrupted.
This requires live migration support and state preservation.
🔹 10. Monitoring and Analytics
The NFV framework must continuously monitor:
o VNF performance
o Resource usage
o Faults and alarms
Helps with predictive scaling, capacity planning, and QoS assurance.
General Use Cases of NFV
NFV enables the virtualization of network services that traditionally run on dedicated hardware. Here are
the common real-world use cases:
🔹 1. Virtual Firewall (vFW)
Replaces physical firewall appliances with software-based firewalls.
Offers flexible security policies and can scale with demand.
🔹 2. Virtual Load Balancer
Distributes network traffic across servers using a virtualized instance.
Supports on-demand scaling and reduces hardware costs.
🔹 3. Virtual Evolved Packet Core (vEPC)
Used in telecom networks to virtualize the core mobile network.
Supports LTE/4G/5G infrastructure with high scalability.
🔹 4. Virtual Customer Premises Equipment (vCPE)
Replaces physical devices at user sites (like routers/modems) with cloud-based VNFs.
Simplifies deployment and centralizes management.
🔹 5. Network Function as a Service (NFaaS)
NFV allows operators to offer VNFs on-demand to customers via cloud platforms.
Example: Renting virtual firewall or VPN services through a web portal.
MANO (Management and Orchestration)
Introduction
MANO stands for Management and Orchestration, and it is a crucial functional block within the NFV
(Network Functions Virtualization) architecture, defined by ETSI. It is responsible for the automation,
orchestration, and lifecycle management of network services and Virtual Network Functions (VNFs).
MANO ensures that virtualized resources and VNFs are deployed, configured, and maintained efficiently.
Architecture of MANO
The MANO framework consists of three main functional blocks:
1. NFV Orchestrator (NFVO)
The NFV Orchestrator is responsible for the overall orchestration and management of network services. It
coordinates resource allocation across multiple VIMs and oversees the lifecycle of network services.
Handles onboarding of network services.
Performs service instantiation, scaling, and termination.
Ensures interconnection between VNFs and infrastructure.
2. VNF Manager (VNFM)
The VNF Manager is in charge of the individual lifecycle management of VNFs. It can manage one or
multiple VNFs and communicates with both the NFVO and the VIM to ensure the correct functioning of
VNFs.
Instantiates, updates, scales, and terminates VNFs.
Monitors health and performance of VNFs.
Supports fault recovery and configuration.
3. Virtualized Infrastructure Manager (VIM)
The VIM manages the virtualized infrastructure, which includes compute, storage, and networking
resources. It abstracts the underlying physical infrastructure and presents it as a set of manageable
resources to the VNFM and NFVO.
Allocates virtual machines and virtual networks.
Monitors virtualized resources (CPU, RAM, Disk).
Manages network connectivity and topology.
Functions of MANO
The MANO framework collectively provides the following functions:
Resource orchestration across physical and virtual layers.
Automation of service deployment and configuration.
Monitoring and fault management of VNFs and infrastructure.
Dynamic scaling of resources based on demand.
Multi-tenant and multi-vendor support in cloud networks.
Importance of MANO in NFV
MANO is essential for the success of NFV because it provides:
Efficient automation of network services.
Flexibility and scalability in resource management.
Faster service delivery with reduced operational costs.
Support for heterogeneous and distributed infrastructure.