The networking of the Edge Compute Domain is highly dependent on the network topology that is required by the Telco workloads that are deployed by the tenant. This section describes the network building blocks as required by tenant workloads and is applicable to both VNF and other Telco workloads.

The following diagrams depict example scenarios and show how networking components such as VDS, N-VDS, and SR-IOV can be used to provide network connectivity to the Telco workloads. The VLAN numbers in the following figures are for illustrative purposes only.

Figure 1. Telco Edge Compute Domain Networking
Figure 2. Telco Edge Compute Domain Networking

As shown in the preceding figure, logical switches are the layer 2 networks created by NSX-T Data Center to provide connectivity between its services and the VMs. Logical switches form the basis of the tenant networks created by tenant administrators from within their tenancy. The primary component in the data plane of the transport nodes is N-VDS. N-VDS forwards traffic between components running on the transport node (that is, between VMs) or between VMs and the physical network. In the latter case, N-VDS must own one or more physical interfaces (physical NICs) on the transport node. As with other virtual switches, an N-VDS cannot share a physical interface with another N-VDS. It can coexist with another N-VDS, with each using a separate set of physical NICs.
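The physical NIC ownership rule above can be checked before a transport node is put into service. The following is an added example, not part of the reference architecture or of any VMware tooling: the inventory, host names, switch names, and the audit_uplinks function are constructed for illustration and are not read from NSX-T or vCenter.

```python
from collections import defaultdict

# Constructed inventory (assumption, not an NSX-T or vCenter export): for each
# transport node, every virtual switch and the physical NICs it uses as uplinks.
INVENTORY = {
    "edge-esxi-01": {
        "vds-mgmt":     {"type": "VDS",   "pnics": ["vmnic0", "vmnic1"]},
        "nvds-overlay": {"type": "N-VDS", "pnics": ["vmnic2", "vmnic3"]},
    },
    "edge-esxi-02": {
        "vds-mgmt":     {"type": "VDS",   "pnics": ["vmnic0", "vmnic1"]},
        # vmnic1 is already an uplink of vds-mgmt on this node
        "nvds-overlay": {"type": "N-VDS", "pnics": ["vmnic1", "vmnic2"]},
        # no uplink: can only forward between VMs on this node
        "nvds-vlan":    {"type": "N-VDS", "pnics": []},
    },
}

def audit_uplinks(inventory):
    """Return sorted (node, severity, message) findings for uplink assignment."""
    findings = []
    for node, switches in inventory.items():
        owners = defaultdict(set)  # pNIC name -> switches that claim it
        for name, sw in switches.items():
            for pnic in sw["pnics"]:
                owners[pnic].add(name)
            if sw["type"] == "N-VDS" and not sw["pnics"]:
                findings.append((node, "warn",
                    f"{name} owns no physical NIC: VM-to-VM traffic on this node only"))
        for pnic, names in owners.items():
            if len(names) > 1:  # a pNIC may belong to one virtual switch only
                findings.append((node, "error",
                    f"{pnic} is claimed by {', '.join(sorted(names))}"))
    return sorted(findings)

if __name__ == "__main__":
    for node, severity, message in audit_uplinks(INVENTORY):
        print(f"{node:14} {severity:5} {message}")
```

An error finding means two virtual switches on one node are assigned the same uplink, which the rule above does not allow. A warn finding marks an N-VDS that has no path to the physical network.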

Telco Edge Site Networking

Edge sites can be connected to two separate domains. The first domain is an Internet breakout where the tunneled traffic from the user equipment is terminated and routed as IP packets to the Internet. The second is where traffic remains tunneled to the central site (as happens today with user traffic). In both cases, the Edge site uses a physical router as the egress device to transport traffic to the Internet or to the central site.

There are multiple options for the physical router egress connectivity, such as metro Ethernet and MPLS. The technology that is used to connect the Edge site to the Internet or to the Core site does not impact this reference architecture, except for certain latency and speed requirements.

Logical Routing

The NSX-T Data Center platform provides the ability to interconnect both virtual and physical workloads that are deployed in different logical layer 2 networks. NSX-T enables the creation of network elements like switches and routers as software logical constructs and embeds them in the hypervisor layer, abstracted from the underlying physical hardware.

East-West Traffic

Configuring a logical router through the NSX Manager instantiates a logical router on each hypervisor. For the VNFs hosted on the same hypervisor, the East-West traffic does not leave the hypervisor for routing. The logical router is also responsible for routing East-West traffic between hypervisors. The logical router, also called the Tier-1 router, is deployed and managed by the tenants of the vCloud NFV OpenStack Edition platform, for routing services between their respective tenant networks from within their tenancy.

Figure 3. East-West Traffic

North-South Traffic

In addition to providing optimized distributed and centralized routing functions, NSX-T Data Center supports a multi-tiered routing model with a logical separation between the provider routing function and the tenant routing function. This way, the concept of multitenancy is built into the routing model. The top-tier logical router is called a Tier-0 router, whereas the bottom-tier logical router is called a Tier-1 router. This structure gives both provider and tenant administrators complete control over their services and policies. The provider administrator controls and configures Tier-0 routing and services, and the tenant administrators control and configure Tier-1 routing services. Northbound, the Tier-0 logical router connects to one or more physical routers or layer 3 switches and serves as an on/off ramp to the physical infrastructure. Southbound, the Tier-0 logical router connects to one or more Tier-1 logical routers.

Figure 4. North-South Traffic

This model also eliminates the dependency on a physical infrastructure administrator to configure or change anything on the physical infrastructure when a new tenant is configured in the data center. For a new tenant, the Tier-0 logical router simply advertises the new tenant routes that are learned from the tenant Tier-1 logical router on the established routing adjacency with the physical infrastructure.