No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - SFC

CloudEngine 12800E V200R003C00

This document describes the configurations of Service function chain (SFC).
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Overview of SFCs

Overview of SFCs

Definition

Service function chain (SFC) is a technology providing ordered services for the application layer. It logically connects services on network devices, forming an ordered service set. SFC adds service function path (SFP) information in original packets to enable packets to pass through service devices along the specified path.

SFC can be implemented using policy-based routing (PBR) and network service header (NSH) modes. NSH mode is used for SFC implementation in this document.

Purpose

On a network, data packets pass through various service functions (SFs) to enable the network to provide users with secure, fast, and stable services as planned. These SFs include firewalls (FWs), load balancers (LBs), and intrusion prevention systems (IPSs). Network traffic passes through them in the sequence defined by service logic to implement required services.

Traditionally, SFs are deployed based on the physical topology, and various policies are manually configured to cascade SFs in an SFP. This deployment and O&M mode has the following issues:
  • Network devices are tightly coupled, making service deployment inflexible.

    Upon service provisioning, expansion, and changes, policies on all devices along the SFP must be manually adjusted. This complicates deployment and leads to a failure to implement complex traffic direction scenarios.

  • Forwarding efficiency is low.

    Data packets are classified (that is, encapsulation and decapsulation) for multiple times during the forwarding along the SFP, decreasing efficiency.

  • SF resources cannot be shared.

    SF resources on a network cannot be shared and have poor scalability. If performance is insufficient, existing SFs must be replaced with higher-end devices.

SFC technology leverages virtual networks to better integrate services into a traditional network architecture and addresses the preceding issues:
  • Tight coupling between network devices and inflexible service deployment

    SFC is independent of network planning. Topology changes of the underlying physical network do not affect SF deployment or activation. Virtual SFCs can be mapped to physical SFs as long as network routes are reachable.

  • Low forwarding efficiency

    SFC encapsulates packets using NSHs to allow SFs along the SFP to transmit information to each other. With this information, the SFP can dynamically process data using specified policies.

  • No sharing of SF resources

    The forwarding layer and the service layer are separated. In this way, users can add SFs in a resource pool. All classified data traffic is directed to multiple SFs along the SFP. Traffic direction reduces performance requirements for SFs to process peak traffic and achieves resource sharing on SFs.

Benefits

As virtual networks are growing remarkably in popularity, SFC brings the following benefits:
  • Packets are encapsulated using IP over NSH over VXLAN or IP over NSH over VLAN. VXLAN is short for Virtual Extensible LAN. Packet forwarding is not affected by network topology changes. A service function forwarder (SFF) can forward packets as long as it knows SFs' locations. Upon network topology changes, SFC implements quick service iteration and changes.

  • An SF can parse metadata carried in NSH packets without encapsulating or decapsulating the packets, improving packet parsing efficiency and forwarding performance.

  • SFs can be planned in a resource pool to achieve SF resource sharing, reducing performance requirements for SFs to process peak traffic.

Translation
Download
Updated: 2019-05-05

Document ID: EDOC1100004204

Views: 3455

Downloads: 20

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next