Feature_10980_Service_Function_Chaining

4e9855c9 · sritharan · 810b217e · 4e9855c9 · 4e9855c9 · 4e9855c9
Commit 4e9855c9 authored Oct 26, 2023 by sritharan
5 changed files
--- a/05-osm-usage.md
+++ b/05-osm-usage.md
@@ -2143,3 +2143,117 @@ virtual-link-connectivity:
    constituent-cpd-id: vnf-cp0-ext
    ip-address: 192.168.1.20
 ```
+
+## Service Function Chaining
+
+SFC has the ability to cause network packet flows to route through a network via a path other than the one that would be chosen by routing table lookups on the packet’s destination IP address.
+
+### How to deploy Service Function Chaining
+
+To illustrate how SFC works in OSM, it will be discussed in the below example.
+
+#### Resources
+
+This example of SFC requires a set of resources (VNFs, NSs) that are available in the following [Gitlab osm-packages repository](https://osm.etsi.org/gitlab/vnf-onboarding/osm-packages):
+
+- **NF:**
+  - [src_vnfd](https://osm.etsi.org/gitlab/vnf-onboarding/osm-packages/-/tree/master/src_vnfd)
+  - [dest_vnfd](https://osm.etsi.org/gitlab/vnf-onboarding/osm-packages/-/tree/master/dest_vnfd)
+  - [mid_vnfd](https://osm.etsi.org/gitlab/vnf-onboarding/osm-packages/-/tree/master/mid_vnfd)
+- **NS:**
+  - [sfc_nsd](https://osm.etsi.org/gitlab/vnf-onboarding/osm-packages/-/tree/master/sfc_nsd)
+
+#### Virtual Network Functions
+
+Three VNFs are used for this example. All the VNFs has single interface (`eth0-ext`), specifications vCPU (1), RAM (1GB), disk (10GB), and image-name (`bionic`).
+
+![src_vnfd](assets/700px_src_vnfd.png)
+![mid_vnfd](assets/700px_mid_vnfd.png)
+![dest_vnfd](assets/700px_dest_vnfd.png)
+
+#### Network Service
+
+This Network service has three VNFs.The VNF forwarding graph parameters like match attributes (`source ip address`, `destination ip address`, `protocol`, `source port`, `destination port`), ingress connection point interface (`packet in`) and egress connection point interface (`packet out`) are configured in NSD descriptor.
+
+The diagram below shows the `sfc_nsd` and service chaining of VNFs.
+
+![sfc_nsd](assets/sfc_nsd.png)
+
+#### SFC Network service Descriptor
+
+VNFFGD configuration are specified as below in NS descriptor:
+
+```yaml
+    vnffgd:
+    - id: vnffg1
+      vnf-profile-id:
+      - vnf2
+      nfp-position-element:
+      - id: test
+      nfpd:
+      - id: forwardingpath1
+        position-desc-id:
+        - id: position1
+          nfp-position-element-id:
+          - test
+          match-attributes:
+          -  id: rule1_80
+             ip-proto: 6
+             source-ip-address:  20.20.20.10
+             destination-ip-address: 20.20.20.30
+             source-port: 0
+             destination-port: 80
+             constituent-base-element-id: vnf1
+             constituent-cpd-id: eth0-ext
+          cp-profile-id:
+          -  id: cpprofile2
+             constituent-profile-elements:
+             - id: cp1
+               order: 0
+               constituent-base-element-id: vnf2
+               ingress-constituent-cpd-id: eth0-ext
+               egress-constituent-cpd-id: eth0-ext
+```
+- The list of VNFs in the forwarding graph (`vnffgd:vnf-profile-id`)
+- Source IP address in CIDR notation (`match-attributes:source-ip-address`)
+- Source IP address in CIDR notation (`match-attributes:destination-ip-address`)
+- Source protocol port (allowed range [1,65535])(`match-attributes:source-port`)
+- Destination protocol port (allowed range [1,65535(`match-attributes:destination-port`)
+- IP protocol name. Protocol name should be as per IANA standard (`match-attributes:ip-proto`)
+
+#### Example
+
+Get the descriptors:
+
+```bash
+git clone --recursive https://osm.etsi.org/gitlab/vnf-onboarding/osm-packages.git
+```
+
+Onboard them:
+
+```bash
+cd osm-packages
+osm vnfpkg-create src_vnfd
+osm vnfpkg-create mid_vnfd
+osm vnfpkg-create dest_vnfd
+osm nspkg-create sfc_nsd
+```
+
+Launch the NS:
+
+```bash
+osm ns-create --ns_name sfc --nsd_name sfc_nsd --vim_account <VIM_ACCOUNT_NAME>|<VIM_ACCOUNT_ID>
+osm ns-list
+
+#### Testing
+```bash
+# In src_vnf and dest_vnf install the netcat
+sudo apt install netcat -y
+# In mid_vnf install tcpdump and run the tcpdump command to start the packet capture
+sudo apt install tcpdump -y
+sudo tcpdump -i <interface name>
+# In dest_vnf, open a listener on port 90, waiting for a client to connect
+sudo nc -l -p 90
+# In src_vnf, run the below command. This command will connect to the server at <dest_vnf> ip-address on port 90
+sudo nc <dest_vnf_ip_address> 90
+# All the packets from src vnf to dest vnf should route only through the mid vnf.
--- a/assets/700px_dest_vnfd.png
+++ b/assets/700px_dest_vnfd.png
--- a/assets/700px_mid_vnfd.png
+++ b/assets/700px_mid_vnfd.png
--- a/assets/700px_src_vnfd.png
+++ b/assets/700px_src_vnfd.png
--- a/assets/sfc_nsd.png
+++ b/assets/sfc_nsd.png