DDI for 5G InfrastructuresHow SOLIDserver™ Enhances Network Performance, UX and Security
5G mobile networking is able to deliver many improvements over previous versions of celular technologies. The deployment of networks will be phased over several years and features will appear along the road at the rhythm of normalisation by 3GPP (3rd Generation Partnership Project).
As initial benefits for the mobile user, 5G networks can provide a greater density of devices on the radio network, higher bandwidth and lower latency transit that enables new usages like industrial control, inter autonomous vehicle event sharing (V2V), augmented reality or mobile online gaming. This all requires powerful infrastructure close to the mobile device and quick decisions on IP network basics, including DNS.
5G private networks can be used for large campuses (e.g. airports, universities, factories) as an alternative to existing wireless data solutions. In addition, telcos are able to build dedicated slices for large mobile customers or corporations acting as an access provider, whereas today device connectivity is mainly the responsibility of the I&O teams. Enterprise slices can be seen as an extension of the private network and require smooth integration of IP services like address plan management and naming resolution. DHCP and DNS services are part of the fundamental IP services required to extend the private corporate network over telcos waves.
3GPP releases 15, 16 and 17 bring innovation and material for new services for telcos. Mobile users and enterprises will take advantage of these new services for their own business and usages. With a slow normalization process of the entire 5G standards and slow deployment of both radio network and disruptive services, enterprises can plan their new usages and imagine new use cases. Telcos on the other hand should already prepare their infrastructure for this new hyped technology. Radio network, coverage and backbone networks are a big obvious part of this work. Edge computing and service virtualization are other important transformations as the deployment model is moving towards software for most functions (known as NFV for Network Virtual Functions). Some functions will be hosted in central parts of the network but most functions related to IP services may benefit from being hosted at the edge of the networks, close to the end devices in order to limit delay and backhauling the network traffic to central points. This is where EfficientIP SOLIDserver solution brings great value to 5G services.
Operator IT Challenges for 5G Networks
In addition to financial impacts for operators linked to massive deployment costs, on the IT side the main challenges faced will include:
- Deploying network architecture to handle bandwidth for end user devices and increased number and variety of radio base stations (TDD, FDD and NB-LTE), in order to fulfil the three main contradictory usages:
- eMBB (enhanced mobile broadband at 10Gbps)
- uRLLC (ultra-reliable and low latency communications at 1ms delay)
- mMTC (massive machine type communications at 1 million devices per km²)
- Limiting overall round trip delay between device and content from any consumed application for new usages; this requires bringing computing resources near the device in the network for caching content, aggregating and preprocessing data, and optimizing network paths and IP routes
- Scaling capacities up and down in order to optimize running costs and energy consumption
DDI (DNS-DHCP-IPAM) Requirements for 5G Networks
5G deployments face multiple challenges, due mainly to the fact that they significantly change the way telcos normally build and operate their networks. Software is at the heart of the 5G revolution, and IP is the standard protocol between apps, making the DDI solution a fundamental base as an IP service enhancer.
Low latency is pushing the limits on multiple systems so DNS resolution times have come very much to the foreground. And whereas hardware was previously common, fast deployment and auto-scaling architecture with NFV have become mandatory.
Lastly, in order to minimize DNS lookup times and increase cache-hit ratio for local users, it is essential to place DDI components for enabling IP services at the edge of the new networks and thus closer to end-users, while taking advantage of automation and scalability. That is exactly how EfficientIP’s SOLIDserver DDI is architectured.
DDI Data Consistency, Integrity and Uniqueness Control
SOLIDserver ensures the consistency of user-established configurations by verifying the entered data and its coherence in your network.
SOLIDserver eliminates IP address conflicts such as duplicate IP addresses, subnet overlapping, naming errors or overlaps between DHCP services. Thus, SOLIDserver helps to prevent configuration errors and guarantees the integrity and the reliability of DNS and DHCP servers.
Value Brought By SOLIDserver DDI
EfficientIP SOLIDserver DDI solution helps telcos with enabling their new 5G services, using a platform which regroups an extended set of services. These range from traditional IPAM, DNS and DHCP to advanced security, application traffic management and a rich set of API and events to be included easily in any ecosystem of NFV and legacy applications.
With the fastest DNS on the market – the DNS Blast solution – any topology situation among current and future 5G designs requesting high DNS throughput, cache performance or ultra low latency can be achieved with either virtual or physical appliances. With up to 17 millions queries answered per second by the DNS, telcos can guarantee that mobile devices will get timely access for their content and IoT to their computation and decision resources taking full advantage of low latency slices.
By using Guardian DNS solution, the horizontal scaling for DNS NFV enables quick response to scaling needs. Ultra low latency DNS answering at an average of 28 µs combined with pre-warmed cache through sharing capabilities allows telco edge infrastructure to use minimal resources without fear of scaling down when they are not being used.
For slices with DHCP IP addressing enabled, high performance rates up to 6.000 leases per second on a single appliance can cope with mobility bursts and high speed devices roaming required by autonomous vehicles (V2V and V2I) enabled slices.
Improved User Experience
Fast DNS answers provide significant improvement on the experience of any mobile user. This is even more important with lower transit delay on the radio network, which is one of the main advantages of the 5G radio network.
The experience is not only linked to DNS performances, it can also be optimized by choosing the most appropriate destination for an application requested, site or service. Using Edge DNS GSLB (Global Server Load Balancing) in the DNS NFV installed near to mobile devices can help reduce latency. Incorporating intelligent application traffic routing, it continuously analyzes the network and application performances hosted on multiple sites and servers in order to make the best decision.
Similar to a CDN service optimizing the content delivered to the web browser, any 5G enterprise private slice would benefit from GSLB routing optimization at the edge of the network. By simply defining the key application load-balancing distribution strategy, administrators can influence the destination that each mobile device will reach based on its location on the radio network. This is even more interesting for low end devices like IoT that may not be able to handle complex application access strategies in their software, but certainly use the DNS service for resolution and to locate the application server they want to connect to over the IP network.
DNS service is key to any IP and internet communication. It handles any intent of connection from a user to an application server by resolving the name to a technical IP address. This gives the DNS an excellent viewpoint for applying a first layer of security, allowing abnormal access requests to be filtered out. Thanks to DNS security natively provided by the patented DNS Guardian solution, EfficientIP can help 5G providers to enhance their access security on dedicated slices for enterprises or IoT / V2V.
Operators also have the potential to gain competitive advantage for VIP clients, via creation of premium offers with a first barrier based on threat intelligence combined with behavioral client analysis. This is made possible thanks to the quick response time of the Guardian on unknown attack sources and malware traffic. By extension the advanced filtering function available at the DNS level, in the DNS Firewall solution, allows specific business filtering like parental control or anti-malware filtering near the user’s device.
In order to offer end user protection, SOLIDserver DNS servers are able to secure integrity of any answer using the DNSSEC solution. This can be critical for IoT (to avoid DDoS attacks), for connected vehicles (to avoid hijacking), and for healthcare devices (to avoid confidential data breaches). SOLIDserver DNS servers can also allow ciphering of the data traffic between the connected device and its first resolver through DNS over TLS or DNS over HTTPS.
Simplified Deployment and Administration
5G architecture brings new paradigms directly linked to new software patterns. Most services on a 5G network are provided in software modules equivalent to service architecture having long been used in standard applications. That requires any function deployed in the network to be simple to deploy and administer. This is exactly the purpose of the SmartArchitecture functionality implemented in EfficientIP SOLIDserver; a way to easily configure a group of services as a single entity. Deploying a new DNS network function doesn’t require specific configuration of the DNS service itself. It directly inherits the properties of the SmartArchitecture in which it is placed. This allows quick replacement of failing equipment, horizontal scalability (scale-in and scale-out), and daily traffic patterns to support the standard traffic or in preparation of a specific mass event.
The central administration of all the SmartArchitectures is key to 5G DNS NFV administration as it practically eliminates the time spent on basic configuration processes, helping move towards a zero touch deployment strategy.
Service continuity is vital for 5G networks. It can be handled by horizontal scalability and NFV patterns, but also by robust and proven solutions like clustering. All components of the EfficientIP SOLIDserver are designed to be redundant. When the protocol is not directly taking care of the traffic spread and redundancy, clustering solutions are added with active/active or active/passive architectures.
Continuity is also dependent on minimizing the Recovery Time Objective (RTO) for critical services, which is one of the key benefits of the SmartArchitecture approach. SmartArchitecture brings simplified resilience and disaster recovery management, with automated configurations and standardized topology templates. It allows configuration at a meta level directly applicable to fresh installations. The configuration is automatically applied with all the parameters in order to have the service up and running with minimum manipulation, and is therefore error-free.
Resiliency is important at the service level, especially for critical ones like DHCP and DNS, so it is important to manage any failure scenario that may appear. DNS Guardian provides a unique continuity feature able to continue serving records even in case of failure of the upstream DNS infrastructure, whether it’s private or public. DNS should never fail to provide clients with a good resolution service whenever the underlying network is still functioning. For DHCP, service resiliency is directly related to always-on clustering function allowing active/active architecture for demanding slices.
For complex application traffic management, SOLIDserver DNS incorporates a very advanced and disruptive GSLB (Global Server Load Balancing) solution that helps optimize latency and enable flexible DRP scenarios.
Open API for Rich Integration
In any modern ecosystem APIs are the enabler for easy interconnection and loose coupling through event handling. SOLIDserver is built around API as a service based system and any action performed by automation or the GUI can be also performed through API. This allows easy integration of all the DDI, security and application traffic management to be administered centrally or through a VNF manager. It also allows the IPAM to act as the central repository for the whole 5G infrastructure with dynamic updates reflecting the exact configuration of services and networks in place in the SDN.
Support of Standards
By implementing all the adopted standards on IP service protocols like DNS and DHCP, SOLIDserver is a robust cornerstone for 5G service deployment. One of the key evolutions in 5G internal requirements relates to finding resources using DNS. It enables complex network topologies and scale-out principles for all the internal components of the network. This support is enabled by a strict implementation of required features using S-NAPTR, SRV and A/AAAA DNS records as stated in the 3GPP normalization (cf TS 29.303), and also in the Internet standard like IETF RFC3958 (Domain-Based Application Service Location Using SRV RRs and the Dynamic Delegation Discovery Service (DDDS).
In addition to standard compliance directly related to 5G, telcos are planning their next 10 to 15 years networking solutions, and in that context IPv6 is mandatory. Standard IPv4 has proven to be complex to maintain in mobile networks, implying use of CGNAT in order to connect ever more devices behind the same address. To move to IPv6 at large scale, the SOLIDserver solution has been proposing for a long time proven technologies like NAT64 and DNS64, which have been successfully deployed in many telco mobile networks worldwide.
5G telecommunication providers are changing the way data is exchanged and people are talking, sharing, playing, working and living together. Service providers are facing constant challenges to set up their infrastructure and evolve it to cater for new usages. More capacity, more devices, more bandwidth, and more powerful networks are required for all the use cases that can now be enabled by 5G technologies.
At the heart of the engine we find all the components of modern IP networks and anything able to bring application content and service back to any user device. DDI is a cornerstone of any IP network, from a small home to a very large enterprise and obviously the whole Internet. By offering a coherent and integrated solution, EfficientIP SOLIDserver enables 5G networks by bringing network automation, standard support, industry-leading performances, high computing capacities and innovations.