How 'network slicing' may determine the success or failure of 5G Wireless
As 5G-branded services are rolling out, perhaps the most critical issue pertaining to 5G Wireless as a whole is unresolved: Will enterprise customers be given the power to manage the networks that run their applications?
The issue of network slicing deals with two critical, unresolved questions: First, how will telecommunications service providers (AT&T, Verizon, T-Mobile/Sprint, the new Dish) adopting 5G Wireless choose to compete against cloud service providers (Amazon AWS, Microsoft Azure, Google Cloud Platform, IBM Cloud) for applications and data? Second, how will they re-architect their networks to give enterprise customers control over their assets, while at the same time maintaining the security and integrity of their infrastructure?
Even now, as 5G-branded services are being rolled out to major US metropolitan areas, these seemingly fundamental architectural issues remain up in the air.
Today's telecommunications networks are software-defined (SDN), just as most enterprise networks are. This means there's a map of the network whose addressable locations can be determined and changed by code to suit the needs of their workloads at any given moment. With an enterprise network, a virtual machine or a container is usually given an Internet Protocol address that makes it uniquely accessible on the network level (a "local loop"). Kubernetes is an enterprise network orchestrator for modern, distributed, container-based applications, but it assumes the SDN is mapped around the containers running user-oriented functions.
Kubernetes cannot orchestrate a telecommunications network, because of one fundamental difference: At the lowest level, a telco network's functions serve the network, not the user. It must work this way -- it's a non-negotiable point.
Telcos rely on a low-level division of computing resources called network functions virtualization (NFV), which is managed at a level much closer to the core of the computing infrastructure than a typical commercial virtualization platform like VMware's vSphere. At this level, network management programs run like individual machines. Theoretically, customer-facing functions -- for instance, interfaces to streaming content channels -- could be deployed as NFVs.
5G Wireless requires additional sources of revenue besides voice telephony, for service providers to be able to afford the transition, and sustain the new platform over the next decade. So some computing service is a critical need for them.
Yet they come into this new market with one unmistakable advantage: Extensive data center assets that span the planet. The appeal of 5G for telcos lies with the ability to pool their resources in the delivery of cloud-like services to commercial customers, without having to build hyperscale data centers.
"5G network evolution brings us a lot of possibilities and excitement and capabilities that we couldn't do before," said Igal Elbaz, AT&T's senior vice president for network architecture and design, speaking with ZDNet. "We're talking about virtualization, moving network functions into software, network cloud, orchestrators, how do you bring latency [management] into applications? There's a lot of new elements, or not very old elements."
Telcos' data centers are not now, and will never become similar to, cloud platforms like OpenStack or Azure Stack. But that's just at the infrastructural level. At a higher level, telcos moving to 5G may have the opportunity, and most likely the incentive, to resell chunks of their cloud capacity to commercial customers. So in the business sense if not the architectural one, they would be following Amazon's original model of reselling the capacity it wouldn't be using in its data centers, to outside customers -- perhaps the most disruptive single business idea since electric wiring.
The only way to do this is for telco engineers to pave clear and inviolable boundaries dividing their internal resources from customer-facing resources.
3GPP (named back when its members thought 3G would hang around longer) is the primary global standards group that specifies 5G, being comprised of engineers from the world's 5G stakeholders. In October 2017, 3GPP issued one of its first Internet Draft documents, acknowledging its definitions were still somewhat up in the air. Then in July 2018, the group issued an update, in which its definition became both sharper and bigger:
A network slice is defined as an end to end logical communication network, within a Public Land Mobile Network (PLMN) and includes the Core Network (CN) Control Plane, User Plane Network Functions and 5G Access Network (AN).
Respectively, this definition refers to the part that manages the communication, the part that performs packet routing and forwarding (like an Internet), and the part that makes the network accessible to devices.
It's much more complex than it looks, which is saying something. This 3GPP diagram is an example of three different configurations a network slice may assume, under the architecture adopted in 2018 for 3GPP Release 15 (the initial components of 5G). Each of the colored blocks here represents a virtual network function (VNF). At one end of the connection, obviously, are mobile devices; at the other end are data networks (DN1, DN2, DN3) that are represented by clouds not because they're cloud-based, but because historically, a cloud is the shape telephone network engineers have used to mean "whatever," or, details unimportant to this architecture.
What's most important to note here is that 3GPP configures just the VNFs necessary to establish a data connection between server and client. Collectively, these VNFs provide the network access, security, and policy control functions needed for the user application represented by the slice to interface with the wireless network stack. In certain cases where one user may be running more than one application, certain VNFs can be shared, which is what's happening here when part of Slice #1 merges with Slice #2.
What you're looking at here is what engineers call horizontal slicing, not just because that's the way the artist chose to depict it in the diagram. In this configuration, each slice has only the functions necessary to run the application (the "user function"), and its VNFs interface with the network. In other words, it doesn't hand over control of the network, or some part of the network, to a user function.
For instance, suppose a manufacturing plant has deployed a large cluster of Internet-of-Things (IoT) devices across its entire facility, communicating wirelessly. Theoretically, the wireless service provider could apportion a network slice to a customer for use as the hub controller for these devices, so that their control plane would be very close to where their data will be initially gathered together and processed. This could work if network slices were horizontal -- if the image being served of the network application was like a virtual machine in the cloud, representing just the functions being used by the application. All each slice perceives are the resources applicable to it, just like in the diagram.
"This network slicing thing is, to me, the most fascinating part of 5G," remarked Wally Swain, senior vice president with analyst firm 451 Research, during the 2018 Brooklyn 5G Summit. "Is network slicing a way to expand the capability of a given slice of spectrum? Is it even something that regulators should then be looking at, and saying, 'This is my way to increase competition in a market, by forcing slices to be on a wholesale tariff?' -- or that kind of thing."
These are questions at the heart of this fundamental architectural issue. Adopting the 3GPP plan could mean opening up the cloud services market to a multitude of much smaller players, or potentially throwing a life preserver to operators such as Oracle and Rackspace that weren't able to keep up with the growth of the Big Three cloud providers. That's a possibility telcos weren't expecting. It's enough for them to consider going up against Amazon, without also having to look over their shoulder at the encroachment of mom-and-pop-dot-net.
But what if the customer wants to go one step further: Controlling the wireless fabric for its manufacturing plant, not just the applications running on it? For that capability, it would require a vertical slice -- a division of resources that takes into account everything a wireless network requires to be a wireless network. It would give a major customer a way to leverage wireless spectrum as the fabric of its data center, administering wireless connections just like it would administer wired ones. Big enterprises don't see why, the moment they have to take to the air, they should go through a middleman.
As you might imagine, telcos aren't willing to delegate that level of control. Some are arguing that it's not only unfeasible, but it's also illegal.
"Think of 5G and network slicing. That's a can of worms!" remarked Dr. Gerhard P. Fettweis, coordinator of Germany's 5G Lab and a professor at Technische Universität Dresden. "How are you going to handle all this from an integrity, privacy, security [standpoint], knowing that your hardware is not going to be fail-proof -- because two years from now, we're going to have four major updates of the system, because we found out somebody could've been malfunctioning the system?"
It isn't that AT&T, Verizon, and the successor company to the T-Mobile and Sprint merger have some suppressed, nascent desire to go into competition against Amazon, Microsoft Azure, and Google Cloud. But they may be reselling cloud capacity to companies large and small that could certainly disrupt the cloud providers' best-laid plans. These would include many of the cloud providers' largest enterprise customers, who may be willing to spend premiums on operating their own global, fiber optic cable-linked networks as though they were their own data centers.
It was a heated debate in 2018. But by 2019, the slicing direction issue had been left mostly unresolved.
"I got the impression that recently, it lost momentum somehow," remarked Andreas Mueller, head of 5G, IoT, and Connectivity Research with German manufacturing giant Bosch, as he was moderating a panel during the 2019 Brooklyn 5G Summit last April.
"For me, network slicing is a way to enable multi-service support, to extend the number of use cases," explained Dr. Simone Redana, head of network and architecture at Nokia Bell Labs, responding to Mueller's comment. "As with every technology, the next step is to understand, what is the business model for that?" He cited his laboratory's two-year research project, begun last February, in cooperation with Deutsche Telekom and the Port Authority of Hamburg, called 5G MoNArch (an acronym longer than some of my articles). That project has already begun testing a variety of slicing strategies, where wireless transmitters -- some stationed atop television transmitters -- are directly accessing traffic lights, industrial seaport monitors, and environmental sensors.
Rolling your own 5G
It isn't clear which slicing direction, if any, will emerge from this experiment as a recommendation. But such an emergence would only happen in 2021. And for its part, Bosch isn't willing to wait that long.
At the 2018 Brooklyn 5G Summit, Bosch introduced its vision of a 5G wireless system that, theoretically, could be maintained and operated by its own IT staff. The company would provide 5G service specifically to its factory facilities. This way, the manufacturing devices, including robots, scattered throughout its factory floors could replace their embedded firmware control with low-latency connectivity to a centralized data center. These devices' governing processes could become managed using more modern software development methods, including continuous integration and continuous delivery (CI/CD) -- updating and upgrading tools in production every few days instead of every few years.
What's more, without all that firmware to maintain, manufacturing devices would consume less power. All the Internet-of-Things (IoT) gadgetry that distributed devices would need to transmit their operating status back to a central hub would become unnecessary, as they'd be directly connected to a data center that would bypass such a hub.
"We're really thinking about operating our own 5G networks in our factories," said Bosch's Mueller at the time. "Of course, even Bosch cannot build up a team of a hundred people or so just doing this job. It's not just about a user plane that needs to be considered, but also the operation and management plane. And it has to be simplified somehow.
"But we also don't need the full complexity and flexibility that we currently have in cellular networks," he continued. "Rolling out a network and operating it across the United States is one thing. Doing the same thing for a factory of only five small cells is another thing."
Since that time, Bosch moved forward with plans to forgo the whole slicing route, petitioning the German government for -- and receiving -- its own band of spectrum for operating a wireless network. Other major German firms, including Volkswagen, are following suit. In so doing, they're sparking a movement that could spread throughout Europe: an effort to leverage 5G principles to disaggregate the wireless network from its own major customers.
It would be a nightmare scenario for US telcos, pulling the rug out from under the entire foundation of their 5G business model. But as of now, they're not offering anything by way of an alternative.
Telecommunications networks are required, not only architecturally but by law, to provide high levels of security that are only attainable through isolation. Some telcos today, including AT&T, say only physical isolation is possible between the network it operates and any part it would lease to commercial customers. So for the telco to operate a cloud network, as 5G architecture suggests it could, it would need to be in a separate building.
That wasn't the point of 5G to begin with, though. Making telco functions part of a multi-tenant network that the telcos themselves would manage was part of the whole idea of reducing costs and regaining investment expenditures -- indeed, of making the move to 5G turn anything resembling a profit.
This, too, is a data center
It surprises precisely no one that VMware has proposed a solution to this dilemma. But the boldness of its assertions this time around is somewhat stunning: Perfect isolation, the company is saying, is attainable on a virtualization platform. (That might have been nice to know a decade or so ago.)
"We call it Virtual Service Networks," said Constantine Polychronopoulos, a VMware engineer in the office of the CTO for its Telco/NFV business unit. "And the idea is very simple: Truly virtualize the network with the ability to stand up essentially a nationwide infrastructure of heterogeneous physical networks, in a programmatic way. As opposed to taking months and years to roll out a new network, we would be able to do it in a few hours."
The scale of what Polychronopoulos is proposing appears preposterous at first. Rather than operate a multiplicity of data centers, each with its own orchestration, VMware's VSN vision would conglomerate absolutely everything into a single cloud, including telcos' own network cores and the segments they would lease to service providers.
Mobile virtual network operators (MVNO) lease both cloud capacity and network spectrum from telcos and ISVs today. But the provisioning time takes months, partly because it involves physical construction. Simply the inclusion of this physical element, argues Polychronopoulos, places the entire project in the realm of capital expenditure. Budgeting for CapEx almost automatically mandates over-provisioning.
"What we want to do is be able to leverage virtualization," he told ZDNet, "and really create virtual networking in an end-to-end fashion, so that somebody who wants to provision anything from a small application to an entire network, like an MVNO, can do so in a few hours, defining the network in a fully programmatic way."
Polychronopoulos wants to take a page from the success of microservices and automated staging systems such as BOSH, and build a single system from which any network configuration may be specified as code. This would be a multi-tenant system. There would be types of slices ("flavors?") in this system, some of which would be suited to cases such as Bosch's factory floor, others more relevant to MVNOs. A front-end system, which he calls a "slice selector," would attach the best-fitting slice type to the business case that the customer specifies.
AT&T's Elbaz is already on record as saying such a multi-tenant system would be impossible -- that not just security practices but federal statutes would prohibit mixing customer services with core communications assets. VMware's Polychronopoulos counters that maintaining physical separation between the two service classes could render the final 5G cloud network impossible, at least from the perspective of maintenance.
So would VSN work like a certain orchestrator, perhaps as a "Mobility Operator Re-imagined as Kubernetes (MORK)?" Actually no, explains Marc-André Bordeleau, a staff software engineer at VMware and one of its representatives to 3GPP. In a system where every virtual network function (VNF) would correspond to a pod, Bordeleau told ZDNet, there would be no mechanism for accounting for quality of service (QoS), and no way to prioritize certain tiers of traffic over others. It's this ability to subdivide the network into service tiers, and then divide those tiers further into tenants and services, that will enable the telco network and the customer network to inhabit the same cloud.
"If you have a network slice for a connected car service," said Bordeleau, "latency is critical. This needs to have less than three-millisecond latency end-to-end. But another slice for video streaming must not interfere with this connected car slice, because otherwise, it would break the three-millisecond latency SLA. For video streaming, bandwidth is important. We make sure it gets its 100 Mbps bandwidth, and the IoT and the smartphone will not interfere with that. So this way, we really, virtually, isolate and separate the slices in the network, so that each network is independent, and they can operate and respect their own SLAs."
All or nothing
Grand visions, throughout the history of technology, more often fail to come to fruition than produce lasting products or services. If VMware's grand vision for VSN were to join that long list of very good companies, telcos would be left to their own devices to resolve how they'll manage physically bifurcated nationwide networks.
But if VSN catches that certain spark, let's not understate what it would need to achieve to take root. It would create nothing less than Earth-sized clouds, comprised of thousands of large and small facilities -- as opposed to a dozen or so hyperscale complexes -- that would be connected at light speed. On the off-chance that all this works, it could at least place a dent, and perhaps effectuate a genuine puncture, in Amazon's and Microsoft's and Google's public cloud business models. Remember, some of these providers got out of the phone-making business to concentrate on cloud.
Put another way, for the dream of 5G to succeed, it probably needs to defeat the most successful business concept of the 21st century thus far. (No, I don't mean 4G.) How telcos finally choose to respond to the network slicing question may be the make-or-break moment for their entire industry.