Virtualize to Scale on Demand: Dynamic Service Function Chaining in the S/Gi-LAN

F5 Miniatur
Published June 22, 2017

The S/Gi-LAN is the network segment between the core packet gateways and the Internet—and it’s here that service providers deploy unique value-added service (VAS) capabilities to monetize, innovate, and differentiate from their competitors. Value-added services improve the quality of the customer experience by controlling traffic based on user profiles, network policies, and application characteristics.

Value-added services control traffic flows by using multiple service functions that may include firewalls, deep packet inspection, HTTP header enrichment, transparent caching, URL filtering, parental controls, load balancing, carrier-grade network address translation (CGNAT), and TCP and/or video optimizations. An ordered list of these service functions is known as a service function chain.

Network Challenges

The configuration method to link value-added services is a manual process in which the service function chains created become static. All traffic will flow through a fixed service chain, regardless of whether all packets need those service functions. There’s no option to bypass unnecessary service functions, which wastes capacity and increases the latency for traffic across the network.

Because static implementations are not flexible for traffic flow, the costs to manage and operate are higher due to the inefficient use of network resources, and the complexity of deploying services. Inflexibility limits scale, capacity, and redundancy for growing user data traffic and applications.

Improved Efficiencies Using the Network Service Header (NSH)

To improve the efficiency of static service chains, the IETF introduced an on-demand routing mechanism called the Network Service Header (NSH), aligned with software-defined networking (SDN) principles of decoupling the control and the user planes. The NSH is inserted in the packet header, and is used to create a dedicated service plane that’s independent of the underlying transport control protocol. The NSH contains path identification information and metadata information about the packet. Using the NSH together with the flexibility of API programming, the SDN can introduce policy controls to create a path to the value-added services that the packets require.

Dynamic service function chaining, also called NSH service chaining, classifies traffic flows so that only the desired flows are passed to the service functions—without the need for configuration changes.

How Dynamic Service Function Chaining Works

Service chaining links functions to form a service path. The packets that belong to a flow can travel through all the functions in the service chain. The NSH is used to create a dynamic service chain—enabling service providers to place and add services anywhere for provisioning flexibility. The service provider can define service chains to add or skip VAS endpoints by using policy-based forwarding. At the same time, depending on the policy, service providers can offer revenue-generating services by inserting or removing header information per leg of the VAS chain.

Figure 1 – Dynamic service function chaining in the S/Gi-LAN

Benefits of Dynamic Service Function Chaining

Service providers can innovate and monetize new offerings through the control of service functions. For example, they can use URL filtering to control access to certain content from a list of URL sites. Because a service chain for URL filtering can be set up based on the user’s subscription profile, service providers can sell parental controls as a VAS that blocks children from viewing inappropriate content based on the access privilege of a child’s service profile.

The benefits include:

  • Flexibility: A range of policies based on subscription, applications, or network condition.
  • Service agility: Services deployed anywhere in the network and added when in need.
  • Service deployments decoupled from network topology: Move traffic to different service functions without changing the network topology.
  • Optimal use of network resources: Dynamic service function chaining need not be dimensioned for max traffic forecast requirements. Traffic types classified for desired packet flows are passed to applicable service functions. For example, if a traffic type is classified as video, then the packet flow will be directed towards a video service function, such as a video optimization server.

Summary: Virtualize to Scale on Demand

To deliver and monetize value-added services while making more efficient use of network resources, service functions can be virtualized with the support of dynamic service function chaining. This gives service providers the control to define service chains based on user subscription, application requirements, or network conditions. Combining SDN (to introduce policy controls) with the service provider’s existing architecture to dynamically chain services can enable automation. This helps lower costs through greater flexibility and simplified operations.

Service chaining optimizes the use of service functions in the S/Gi-LAN by intelligently steering traffic flow according to application needs. Certain service functions can be bypassed completely to help reduce network latency and help service providers avoid over-dimensioning their network resources.

Dynamic service function chaining gives operators the flexibility to modify traffic flow on demand, ensuring that they deliver services in a cost-efficient manner. By making efficient use of network resources, they can scale on demand to meet customers’ expectation for quality of experience. The capability to modify the chain on-demand also enables operators to provide value-added services to their customers, and allow service providers to monetize new services for additional revenue.


To learn more about F5 NFV and data traffic management solutions, visit the corresponding links below :

Network Functions Virtualization

Data Traffic Management