Service Function Chaining

There has been a shift in paradigm from the host-centric model to the data-centric model. The network services and computation capacity are available closer to the users. The cloud and data center network and cloud architecture require flexible network function deployment models.

The advent of technologies such as Network Function Visualization (NFV) allows Cloud Service Providers (CSPs) to provision Virtual Network Functions (VNFs) as opposed to physical networking infrastructure, e.g., a traditional router can be replaced by a virtual router. In a traditional network, a sequence of steps is required when connecting various hardware components responsible for handling the traffic coming into and going out of the network.

Service Function Chaining (SFC) is one way of providing end-to-end network connectivity while maintaining different Service Level Agreements (SLAs) promised by CSPs. In this chapter, we discuss different SFC objectives, design and deployment considerations and challenges faced by CSPs in SFC provisioning. Keeping in line with the main theme of the book, one section has been dedicated to security provisioning using SFC framework. The motivation for SFC along with high-level design goals has been discussed in Section 9.1. The SFC architecture, core concepts, and challenges introduced in SFC by topological dependencies, resource availability and configuration complexity have been discussed in Section 9.2. The SFC on top of SDN/NFV framework with different applications such as segment routing has been described in Section 9.3. Section 9.4 introduces different SFC research project-based testbed and their architectures, such as T-Nova and Tacker. The policy composition for SFC deployment has been discussed in Section 9.5. The research works in the field of secured service function chaining such as Secure In Cloud Chaining (SICS) and Network Security Defense Pattern (NSDP) have been discussed in Section 9.6.