Tuesday, June 4, 2019

Blueprint column: The importance of Gi-LAN in 5G

by Takahiro Mitsuhata, Sr. Manager, Technical Marketing at A10 Networks 

Today's 4G networks support mobile broadband services (e.g., video conferencing, high-definition content streaming, etc.) across millions of smart devices, such as smartphones, laptops, tablets and IoT devices. The number of connected devices is on the rise, growing 15 percent or more year-over-year and projected to be 28.5 billion devices by 2022 according to Cisco's VNI forecast.

Adding networking nodes to scale-out capacity is a relatively easy change. Meanwhile, it's essential for service providers to keep offering innovative value-added services to differentiate service experience and monetize new services. These services including parental control, URL filtering, content protection and endpoint device protection from malware and ID theft, to name a few. Service providers, however, are now facing new challenges of operational complexity and extra network latency coming from those services. Such challenges will become even more significant when it comes to 5G, as this will drive even more rapid proliferation of mobile and the IoT devices. It will be critical to minimize latency to ensure there are no interruptions to emerging mission-critical services that are expected to dramatically increase with 5G networks.

Gi-LAN Network Overview

In a mobile network, there are two segments between the radio network and the Internet: the evolved packet core (EPC) and the Gi/SGi-LAN. The EPC is a packet-based mobile core running both voice and data on 4G/ LTE networks. The Gi-LAN is the network where service providers typically provide various homegrown and value-added services using unique capabilities through a combination of IP-based service functions, such as firewall, carrier-grade NAT (CGNAT), deep packet inspection (DPI), policy control and traffic and content optimization. And these services are generally provided by a wide variety of vendors. Service providers need to steer the traffic and direct it to specific service functions, which may be chained, only when necessary, in order to meet specific policy enforcement and service-level agreements for each subscriber.

The Gi-LAN network is an essential segment that enables enhanced security and value-added service offerings to differentiate and monetize services. Therefore, it's crucial to have an efficient Gi-LAN architecture to deliver a high-quality service experience.


 Figure: Gi-LAN with multiple service functions in the mobile network

Challenges in Gi-LAN Segment

In today's 4G/ LTE world, a typical mobile service provider has an ADC, a DPI, a CGNAT and a firewall device as part of Gi-LAN service components. They are mainly deployed as independent network functions on dedicated physical devices from a wide range of vendors. This makes Gi-LAN complex and inflexible from operational and management perspective. Thus, this type of architecture, as known as monolithic architecture, is reaching its limits and does not scale to meet the needs of the rising data traffic in 4G and 4G+ architectures. This will continue to be an issue in 5G infrastructure deployments. The two most serious issues are:

1. Increased latency
2. Significantly higher total cost of ownership

Latency is becoming a significant concern since, even today, lower latency is required by online gaming and video streaming services. With the transition to 5G, ultra-reliable low-latency connectivity targets latencies of less than 1ms for use cases, such as real-time interactive AR/ VR, tactile Internet, industrial automation, mission/life-critical service like remote surgery, self-driving cars and many more. The architecture with individual service functions on different hardware has a major impact on this promise of lower latency. Multiple service functions are usually chained and every hop the data packet traversing between service functions adds additional latency, causing overall service degradation.

The management overhead of each solution independently is also a burden. The network operator must invest in monitoring, management and deployment services for all devices from various vendors individually, resulting in large operational expenses.

Solution – Consolidating Service Functions in Gi-LAN

In order to overcome these issues, there are a few approaches you can take. Service-Based Architecture (SBA) or microservices architecture address operational concerns since leveraging such architecture leads to higher flexibility and automation and significant cost reduction. However, it is less likely to address the network latency concern because each service function, regardless of VNF or microservice, still contributes in the overall latency as far as they are deployed as an individual VM or microservice.

So, what if multiple service functions are consolidated into one instance? For example, CGNAT and Gi firewall are fundamental components in the mobile network, and some subscribers may choose to use additional services such as DPI, URL filtering. Such consolidation is feasible only if the product/ solution supports flexible traffic steering and service chaining capabilities along with those service functions.

Consolidating Gi-LAN service functions into one instance/ appliance helps to drastically reduce the extra latency and simplify network design and operation. Such concepts are not new but there aren't many vendors who can provide consolidated Gi-LAN service functions at scale.

Therefore, when building an efficient Gi-LAN network, service providers need to consider a solution that can offer:
  • Multiple network and service functions on a single instance/ appliance
  • Flexible service chaining support
  • Subscriber awareness and DPI capability supported for granular traffic steering
  • Variety of form-factor options - physical (PNF) and virtual (VNF) appliances
  • High performance and capacity with scale-out capability
  • Easy integration and transition to SDN/NFV deployment
About the author

Takahiro Mitsuhata, Sr. Manager, Technical Marketing at A10 Networks

About A10

A10 Networks (NYSE: ATEN) provides Reliable Security Always™, with a range of high-performance application networking solutions that help organizations ensure that their data center applications and networks remain highly available, accelerated and secure. Founded in 2004, A10 Networks is based in San Jose, Calif., and serves customers globally with offices worldwide. For more information, visit: www.a10networks.com and @A10Networks