ETSI GR NFV-EVE 016 V1.1.1 (2020-09)

ETSI GR NFV-EVE 016 V1.1.1 (2020-09)






GROUP REPORT
Network Functions Virtualisation (NFV);
Evolution and Ecosystem;
Report on Connection-based Virtual Services
Disclaimer
The present document has been produced and approved by the Network Functions Virtualisation (NFV) ETSI Industry
Specification Group (ISG) and represents the views of those members who participated in this ISG.
It does not necessarily represent the views of the entire ETSI membership.

---------------------- Page: 1 ----------------------
2 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)



Reference
DGR/NFV-EVE016
Keywords
NFV, service, virtual services, virtualisation

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2020.
All rights reserved.

DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are trademarks of ETSI registered for the benefit of its Members.

3GPP™ and LTE™ are trademarks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
oneM2M™ logo is a trademark of ETSI registered for the benefit of its Members and
of the oneM2M Partners.
®
GSM and the GSM logo are trademarks registered and owned by the GSM Association.
ETSI

---------------------- Page: 2 ----------------------
3 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)
Contents
Intellectual Property Rights . 4
Foreword . 4
Modal verbs terminology . 4
1 Scope . 5
2 References . 5
2.1 Normative references . 5
2.2 Informative references . 5
3 Definition of terms, symbols and abbreviations . 6
3.1 Terms . 6
3.2 Symbols . 7
3.3 Abbreviations . 7
4 Use Cases for Connection-based Virtual Services . 7
4.1 Introduction . 7
4.2 SD-WAN . 8
5 Actors of Connection-based Virtual Services . 11
5.1 Introduction . 11
5.2 Cloud Service User . 12
5.3 Connectivity Operator and Cloud Operator . 13
5.4 Cloud Service Provider . 14
6 Interfaces of Connection-based Virtual Services . 14
6.1 Introduction . 14
6.2 Cloud User interface . 14
6.3 Cloud Operator-Operator Interface . 17
6.4 Cloud Application interface . 21
7 Connections and Connection End Points of Connection-based Virtual Services . 22
7.1 Introduction . 22
7.2 Cloud Virtual Connection . 23
7.3 Cloud Virtual Connection End Point . 24
7.4 Operator Cloud Virtual Connection . 24
7.5 Example for Cloud Virtual Connection and End Points . 25
8 Overview of NFV Architecture . 25
8.1 Introduction . 25
8.2 NF Forwarding Graph . 25
8.3 SWA Interfaces . 26
8.4 NFV Framework Reference Points. 28
8.5 Container and Infrastructure Interfaces . 29
8.6 ETSI GS NFV-IFA 022 Examples . 30
9 Mapping of Architectural Constructs and Gaps . 30
10 Recommendations for ETSI NFV Architecture . 31
10.1 Introduction . 31
10.2 Interfaces . 31
10.3 Connection and Connection End Points . 31
10.4 NFV-MANO . 32
11 Conclusion . 32
Annex A: Change History . 34
History . 35


ETSI

---------------------- Page: 3 ----------------------
4 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)
Intellectual Property Rights
Essential patents
IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (https://ipr.etsi.org/).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Trademarks
The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners.
ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no
right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does
not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks.
Foreword
This Group Report (GR) has been produced by ETSI Industry Specification Group (ISG) Network Functions
Virtualisation (NFV).
Modal verbs terminology
In the present document "should", "should not", "may", "need not", "will", "will not", "can" and "cannot" are to be
interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.

ETSI

---------------------- Page: 4 ----------------------
5 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)
1 Scope
The scope of the present document is to:
• describe use cases and identify gaps within the NFV Architecture Framework to support Connection-based
Virtual Services; identify recommendations for interfaces of service user and virtual resources (e.g. VM,
Containers), and interfaces between Cloud Service Providers (Cloud SPs) to support the Connection-based
Virtual Services; identify recommendations for connection and connection end points to support the
Connection-based Virtual Services; and
• identify recommendations for MANO to support Connection-based Virtual Services.
2 References
2.1 Normative references
Normative references are not applicable in the present document.
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are not necessary for the application of the present document but they assist the
user with regard to a particular subject area.
[i.1] OCC 1.0 Reference Architecture, December 2014.
NOTE: Available at
https://wiki.mef.net/pages/viewpageattachments.action?pageId=63185562&highlight=OCC+1.0+Referen
ce+Architecture.pdf#OCC+Specifications-attachment-OCC+1.0+Reference+Architecture.pdf.
[i.2] OCC 1.0 Reference Architecture with SDN and NFV Constructs, August 2015.
NOTE: Available at
https://wiki.mef.net/pages/viewpageattachments.action?pageId=63185562&highlight=OCC+1.0+Referen
ce+Architecture.pdf#OCC+Specifications-attachment-OCC+1.0+Reference+Architecture.pdf.
[i.3] ETSI GS NFV 003: "Network Functions Virtualisation (NFV); Terminology for Main Concepts in
NFV".
[i.4] MEF 6.2: "EVC Ethernet Services Definitions Phase 3", August 2014.
[i.5] MEF 61.1: "IP Service Attributes", May 2019.
[i.6] MEF Whitepaper: "Understanding SD-WAN Managed Services", July 2017.
[i.7] MEF 70: "SD-WAN Service Attributes and Service Definitions", May 2019.
[i.8] ETSI GR NFV-IFA 022: "Network Functions Virtualisation (NFV) Release 3; Management and
Orchestration; Report on Management and Connectivity for Multi-Site Services".
[i.9] ETSI GS NFV 001: "Network Functions Virtualisation (NFV); Use Cases".
[i.10] ETSI GS NFV-IFA 014: "Network Functions Virtualisation (NFV); Management and
Orchestration; Network Service Templates Specification".
ETSI

---------------------- Page: 5 ----------------------
6 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)
[i.11] ETSI GS NFV-MAN 001: "Network Functions Virtualisation (NFV); Management and
Orchestration".
[i.12] ETSI GS NFV-SWA 001: "Network Functions Virtualisation (NFV); Virtual Network Functions
Architecture".
[i.13] ETSI GS NFV-INF 004: "Network Functions Virtualisation (NFV); Infrastructure; Hypervisor
Domain".
[i.14] ETSI GS NFV-INF 001: "Network Functions Virtualisation (NFV); Infrastructure Overview".
[i.15] ETSI GR NFV-IFA 029: "Network Functions Virtualisation (NFV) Release 3; Architecture;
Report on the Enhancements of the NFV architecture towards "Cloud-native" and "PaaS"".
[i.16] ETSI GS NFV 002: "Network Functions Virtualisation (NFV); Architectural Framework".
3 Definition of terms, symbols and abbreviations
3.1 Terms
For the purposes of the present document, the following terms apply:
Cloud Application: self-contained or a group of programs or a software package that performs a specific function
directly for an end user or, in some cases, for another application that may be owned by a Cloud User or Cloud SP or
Cloud Operator (i.e. cloud service components that are not associated with connectivity)
Cloud Application UNI: Cloud Application interface between User and Cloud Service Provider
Cloud Application ENNI: Cloud Application interface between two Operators
Cloud Connectivity UNI: Connectivity interface between an User and Cloud Service Provider
Cloud Connectivity ENNI: Connectivity interface between two Operators
Cloud Operator: entity that is responsible for making Cloud Applications available to Cloud Service Providers and/or
Cloud Operators
Cloud Operator-Operator Interface: interface between two Operators which is composed of Cloud Connectivity
ENNI and Cloud Application ENNI
Cloud Service: service comprising one or more of platform components such as compute and storage, applications, and
connectivity among them, that may be accessed by the Subscriber from one or more locations
Cloud Service Packet: packet that is exchanged at Cloud Subscriber Interface or Cloud Operator-Operator Interface
among parties involved in a Cloud Service
Cloud Service Provider: entity that is responsible for the creation, delivery and billing of cloud services, and
negotiates relationships among Connectivity Operators, Cloud Operators, and Cloud Users
Cloud User: end-user (i.e. a person or organization) that maintains a business relationship with and uses services from
a Cloud Service Provider
Cloud User Interface: interface between a Cloud User and Cloud Service Provider which is composed of Cloud
Connectivity UNI and Cloud Application UNI
Cloud Virtual Connection: association of two or more Cloud VC End Points (Cloud VC EPs)
Cloud Virtual Connection End Point: construct at a Cloud User Interface that selects a subset of the Cloud Service
Packets that pass over the interface
Connectivity Operator: providing connectivity services between Cloud Operators, Connectivity Operators and Users
ETSI

---------------------- Page: 6 ----------------------
7 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)
3.2 Symbols
Void.
3.3 Abbreviations
For the purposes of the present document, the abbreviations given in ETSI GS NFV 001 [i.9], ETSI GS NFV 003 [i.3]
and the following apply:
CE Carrier Ethernet
CMaaS Communications as a Service
CPE Customer Premises Equipment
CSUI Cloud Service User Interface
EM Element Management
ENNI External Network Network Interface
EP End Point
IaaS Infrastructure as a Service
LAN Local Area Network
MPLS Multiprotocol Label Switching
NaaS Network as a Service
PaaS Platform as a Service
SD-WAN Software Defined Wide Area Network
SECaaS Security as a Service
SP Service Provider
UNI User Network Interface
VC Virtual Connection
VPN Virtual Private Network
WAN Wide-area Network
4 Use Cases for Connection-based Virtual Services
4.1 Introduction
Connection-based Virtual Service term is used to describe Cloud Service given Cloud Service always has a connection
between an application and a user, and virtual components. Therefore, both terms are used synonymously in the present
document.
A Cloud Service can include application entities (e.g. VNFs), Cloud Virtual Connection (Cloud VC) and associated
resources such as NFVI in ETSI GS NFV 003 [i.3]. For example, a connectivity service for an application can be a
Cloud Service. Similarly, computing applications, computing resources and virtual network collectively can form a
Cloud Computing service or just the computing applications together with computing resources form a Cloud Service
where internet connection is used for the application access as depicted in Figure 4-1.
When a Cloud Service is an end-to-end service between external interfaces of a Cloud Service Provider (Cloud SP), it
can include non-virtual and virtual resources such as VNFs and NSs or all virtual resources. For example, a user may
use a non-cloud based network, cloud based network, or hybrid network to access cloud computing applications.
The services can be grouped under Network as a Service (NaaS), Infrastructure as a Service (IaaS), Platform as a
Service (PaaS), Software as a Service (SaaS), Communications as a Service (CMaaS) and Security as a Service
(SECaaS). For example:
• SD-WAN providing application aware routing can be considered as NaaS;
• server, desktop, database, LAN and WAN can be categorized as IaaS;
• development environment and test environment can be categorized as PaaS;
• security services via virtualised firewalls and/or security services can be considered as SECaaS;
ETSI

---------------------- Page: 7 ----------------------
8 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)
• WAN Optimization providing efficient utilization of network resources can be considered as SaaS;
• business, consumer, network and communication applications can be categorized as SaaS; and
• virtual PBX, audio and video conferencing and telepresence can be categorized as CMaaS.

CE: Carrier Ethernet
CPE: Customer Premises Equipment
IP/MPLS: Internet Protocol/Multiprotocol Label Switching

Figure 4-1: Various access mechanisms for accessing Cloud Applications
In this clause, SD-WAN is described as an example.
4.2 SD-WAN
SD-WAN is a network connectivity service, NaaS, providing secure, IP-Based virtual overlay networks that typically
uses IPsec tunnels over Internet or MPLS underlay networks. SD-WANs support any topology, e.g. full/partial mesh
and hub and spoke. IP-Based SD-WAN implementations often use the public Internet as one of their WANs in which
case they need to support firewall and Network Address Translation (NAT) capabilities.
The SD-WAN tunnel is initiated or terminated by the SD-WAN Edge which provides the SD-WAN service
demarcation. The SD-WAN Edge creates and terminates encrypted tunnels over different types of wired or wireless
TM TM
underlay networks, such as T1s/E1s, broadband Internet (DSL, Cable, and PON), Wi-Fi and LTE wireless access
networks, and IP (Internet) and MPLS core networks.
The SD-WAN Edge also performs application-based QoS and security policy enforcement, application forwarding over
one or more WAN connections, and QoS performance measurements over each WAN to determine WAN path
selection. The SD-WAN Edge may also perform WAN optimization functions such as packet buffering/reordering, data
duplication, data compression, and forward error correction as described in MEF Whitepaper [i.6].
The SD-WAN Edge functionality may be implemented as a VNF which may run on a virtual CPE (vCPE) at the
customer premises or in a data centre, which is managed by cSP. The SD-WAN Edge functionality can be also provided
by a physical CPE device resident on the customer premises and managed by cSP.
ETSI

---------------------- Page: 8 ----------------------
9 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)
The SD-WAN Controller provides physical or virtual device management for all SD-WAN Edges and SD-WAN
Gateways (if used) to connect sites interconnected via alternative VPN technologies such as Carrier Ethernet. The
management function includes configuration and activation, IP address management, and pushing down policies onto
SD-WAN Edges and SD-WAN Gateways, and maintains connections to all SD-WAN Edges and SD-WAN Gateways.
The SD-WAN Controller communicates northbound with its Orchestrator. The Orchestrator provides the end-to-end
SD-WAN management and interfaces to an OSS/BSS for service order and billing.
Two SD-WAN examples are depicted in Figures 4-2 and 4-3. These implementation examples do not follow ETSI-NFV
standards.
In Figure 4-2, the SD-WAN configuration enables the user to use an encrypted SD-WAN tunnel over the Internet to
augment their site-to-site MPLS VPN bandwidth and achieve higher resiliency using two WANs.

Figure 4-2: SD-WAN service tunnelled over Internet and MPLS WANs
Figure 4-3 illustrates an SD-WAN configuration where an SD-WAN Gateway interconnects sites connected via an
SD-WAN over the Internet and sites connected via a MPLS VPN. An SD-WAN Gateway enables sites interconnected
via the MPLS VPN to communicate with sites interconnected via SD-WAN tunnels over the Internet. The sites
interconnected via MPLS VPN are expected to use legacy CPE which does not have virtualised components.
ETSI

---------------------- Page: 9 ----------------------
10 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)

Figure 4-3: SD-WAN sites interconnecting with MPLS VPN sites
In Figures 4-2 and 4-3, the network that SD-WAN Edge units are connected to is managed by an Operations Support
System (OSS) and various Element Managers (EMs). The OSS may consist of multiple systems. These systems along
with EMs provide configuration management, fault management, performance management, security management and
testing of network elements and facilities connecting these network elements.
The legacy CPE in Figure 4-3 is likely to be managed by an EM. Similarly, elements of the IP/MPLS network in
Figures 4-3 and 4-4 are likely to be managed by EMs that are not shown in the figures.
Figure 4-4 redraws the network configuration similar to that in Figure 4-2 using ETSI NFV constructs. Per [i.8], [i.9],
VNF represents vCPE. IPsec tunnel forming a Cloud Service Connection (or SD-WAN Connection) is mapped to a
Virtual Link despite of the fact that there could be multiple connections in a given link.
SD-WAN vEdge VNFs are managed by VNFM. WIM provides the necessary multi-site connectivity to connect the
SD-WAN vEdge islands that are instantiated over the NFVIs. The WIM may be responsible for underlying WAN.
In contrast to WIM, a VIM manages network resource as well as NFVI compute and storage resources within the
domain of an NFVI-PoP where SD-WAN vEdge resides.
ETSI

---------------------- Page: 10 ----------------------
11 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)

Figure 4-4: SD-WAN service components represented by ETSI NFV constructs
In Figure 4-4, a Network Service (NS) consisting of two VNFs (vCPE) is instantiated. These two VNFs are installed at
two customer sites, Customer Location-A and Customer Location-B, and connected across the WAN infrastructure.
The virtualised network resources assigned to the vCPE VNFs are terminated at virtual network ports which are
attached to the WAN infrastructure. As a result, a unified Virtual Link is created by combining the virtualised network
resource for Customer Location-A, Customer Location-B and WAN.
5 Actors of Connection-based Virtual Services
5.1 Introduction
The key actors of Connection-based Virtual Services (i.e. Cloud Services) are depicted in Figure 5-1 where a Cloud
Service Provider (Cloud SP) is responsible for providing an end-to-end Connection-based Virtual Service to a Cloud
User using resources of Connectivity Operator (s) and Cloud Operator (s) [i.1] and [i.2]. The connectivity can be
provided by networks of Connectivity Operator (s) as well as by the Internet.
ETSI

---------------------- Page: 11 ----------------------
12 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)

Figure 5-1: Cloud Service Actors
5.2 Cloud Service User
A Cloud Service User is the end-user (i.e. a person or organization) that maintains a business relationship with and uses
services from a Cloud SP.
A Cloud Service User interfaces to a Cloud SP's facilities via a standards interface called Cloud Service User Interface
(CSUI) (Figure 5-2) which is a demarcation point between the Cloud SP and the Cloud Service User.

Figure 5-2: CSUI Reference Point between Cloud Service User and Cloud SP
The user in Figure 5-2 can be an enterprise with multiple users sharing the same Cloud User Interface. The user
interface may consist of a physical equipment with an Internet browser, a VNF, a Virtual Machine (VM), a Container,
or a collection of VNFs, VMs and Containers with a virtual switch.
ETSI

---------------------- Page: 12 ----------------------
13 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)
5.3 Connectivity Operator and Cloud Operator
Connectivity Operator is an entity providing connectivity services between Cloud Operators, Connectivity Operators
and Users. Cloud Operator is an entity that is responsible for making cloud applications available to Cloud Service
Users.
A Cloud SP can implement the Cloud Service that they provide to the User by subcontracting with one or more
Operators. Each Operator might provide a connectivity service (a Connectivity Operator) and/or an application(s) (a
Cloud Operator).
Two Operators interface each other via a Cloud Operator-Operator Interface as depicted in Figure 5-3.

(a) Cloud Operator-Operator Interface between two Connectivity Operators

(b) Cloud Operator-Operator Interface between two Cloud Operators
ETSI

---------------------- Page: 13 ----------------------
14 ETSI GR NFV-EVE 016 V1.1.1 (2020-09)

(c) Cloud Operator-Operator Interface between Connectivity Operator and Cloud Operator
Figure 5-3: Cloud Operator-Operator Interface
5.4 Cloud Service Provider
Cloud Service Provider (Cloud SP) is an entity that is responsible for the creation, delivery and billing of cloud services,
and negotiates relationships among Connectivity Operators, Cloud Operators, and Cloud Service Users. It is the single
point of contact for the user.
For a given Cloud Service, the User contracts with a Cloud SP to be responsible for delivering Cloud Services at the
User locations. The Service Provider, in turn, selects and contracts with various Connectivity Operators and Cloud
Operators to deliver the services at requested locations. It is the responsibility of the Service Provider to ensure that
service features purchased by the User are delivered.
6 Interfaces of Connection-based Virtual Services
6.1 Introduction
The interface between a Cloud Service User and a Cloud SP, the interface between Operators, and the interface of the
Cloud Application or Cloud Platform are the key interfaces for using and delivering Cloud Services. They are
...