5G will be extraordinary – for every industry, every business, and every experience. But 5G is more than the radio! To truly deliver on the promises of 5G you need an IP infrastructure that’s capable of shifting your network up into 5th gear. By making the right investments in your IP network now, your 5G network can take off faster, scale better, and go the distance.
Prepare your IP transport network for the 5G era. Read on this article to learn what it takes to get to 5G fast and go the full distance:
Nokia IP networking solutions for 5G help you to:
- Connect and scale the 5G RAN with IP Anyhaul
- Converge 5G with a Multi-access Edge Gateway
- Unleash 5G services with Cloud Interconnect
- Automate 5G with insight-driven IP networking
- Secure 5G with 360° volumetric DDoS protection
Entering the 5G era
Is your IP network ready for 5G?
Solutions for IP network 5G readiness
Connect 5G with IP Anyhaul
Converge 5G with a multi-access edge
Unleash 5G with Cloud Interconnect
Automate 5G with insight-driven IP networking
Secure 5G with integrated DDoS protection
5G is a promising technology that introduces new radio technology capable of connecting humans and machines at a massive scale and delivering extraordinary new service experiences for consumers, digital enterprises, smart cities, and Industry 4.0.
The IP network plays a critical role because the Internet Protocol is the common bearer for all 5G services. 5G mobile transport requirements go well beyond those needed for 4G/LTE and the IP network must be purpose-built for 5G to ensure that all traffic can flow reliably and securely without congestion.
This article discusses the IP network evolution requirements for the 5G era and the enabling technologies and solutions that Nokia offers to address these needs.
Entering the 5G era
The 5G race is on, and initial deployments are taking off around the world. The stakes are high: Most nations see 5G as a crucial technology to effectively compete in the digital economy, and auctioning 5G licenses is a welcome source of revenue.
But the 5G race is not a sprint. It’s a marathon, and we are still in the early adoption phase where operators compete for the first-mover advantage. The scale of these initial deployments is relatively small because few 5G-capable devices and frequencies are available. Most operators start in the non-standalone mode, which allows interworking 5G New Radio (NR) with their existing 4G core networks. The impact on the IP network is therefore limited and comparable to a capacity upgrade of existing 4G/LTE macrocells.
However, this situation will change dramatically as more 5G-capable devices and radio spectrum become available and 5G enters the mass market. The 5G RAN must scale-out with smaller and denser cells to increase capacity, driving new requirements for low-latency fronthaul and midhaul transport. 3GPP Release 16 introduces a next-generation, cloud-native 5G core and specifies a standalone mode for 5G RAN interworking that enables even higher speeds (up to 10 Gb/s) and ultra-reliable, low-latency communication services for massive machine-type communications (MMTC) and mission-critical applications. Network slicing is added to deliver differentiated services with deterministic SLA guarantees over a common IP transport network without resource contention.
As 5G evolves, the introduction of MMTC will cause IP traffic patterns to diverge. Enhanced mobile broadband traffic is predominantly consumer content with highly asymmetric flows. But machines generate far more symmetric traffic flows with any-to-any connectivity requirements as they exchange real-time data with distributed servers in the multi-access edge cloud.
The IP network must continuously evolve and adapt during the entire 5G deployment life cycle to support a smooth transition between phases (see Figure 1).
Is your IP network ready for 5G?
The IP network is essential for 5G because the Internet Protocol is the bearer for all its services. 5G requires mobile transport capabilities that go well beyond those needed for 4G (see Figure 2).
- An ultra-dense and massively scalable RAN architecture with many deployment options to split and distribute network functions will drive a need for near-infinite backhaul capacity with a predicted 100x increase in the next ten years.
- Centralization and virtualization of RAN functions will require reliable, secure, and scalable fronthaul and backhaul transport with imperceptible latency of single-digit milliseconds.
- Multi-access edge computing (MEC) for hosting compute- and storage-intensive functions and applications will require ultra-reliable, low-latency delivery, and any-to-any connectivity.
- The cloud-native 5G service core may be highly distributed over hundreds of central offices and data centers and will require a highly agile, resilient, and automated transport fabric with dynamic network slicing to deliver on-demand services with deterministic SLA guarantees.
The 5G technology cycle will easily last a decade, and your IP network must have the capacity, adaptability, and stamina to carry you through the 5G evolution cycle without forklift upgrades. Your IP network must:
- Ensure that all traffic can flow freely without congestion, from the data centers and edge cloud where services live to the access network where users connect
- Be highly automated to enable the 5G digital service evolution and meet operational benchmarks on service velocity, agility, and efficiency
- Be highly reliable and secure, to protect your users, their valuable data, and your 5G infrastructure against distributed denial of service (DDoS) attacks, data thefts, and eavesdropping.
The following sections review available solutions to help you prepare your IP network for 5G.
Solutions for IP network 5G readiness
The IP transport network performs the following functions in a 5G network:
- IP Anyhaul: IP access and edge aggregation for the 5G RAN.
- Multi-access edge: Fixed and wireless access convergence.
- Cloud Interconnect: IP transport for the 5G edge and core.
- Automation: Open and machine-programmable interfaces.
- Security: Data protection and volumetric DDoS mitigation.
The following sections discuss the Nokia solutions that cover these functions.
Connect 5G with IP Anyhaul
IP Anyhaul delivers cost-optimized, fit-for-purpose transport to aggregate massive-scale access.
- Fronthaul is used for centralized 4G/5G RAN and Cloud RAN deployments in dense urban scenarios to transport time-sensitive Ethernet traffic (eCPRI, SyncE) between remote radio units (microcells) and distributed units containing baseband processing and control (baseband units [BBUs]).
- Midhaul transport is used for 5G Cloud RAN deployments in urban metros to interconnect larger 5G radio units (small cells) and distributed units with centralized units in the far edge where mobile gateway and MEC functions are located.
- Backhaul applies for any deployment scenario to securely interconnect distributed 4G/5G macrocells and aggregate IP traffic from centralized units in the edge cloud.
- Cloud Interconnect provides IP transport within the distributed edge and core cloud, as well as data center, interconnect and peering functions with the public internet and private clouds.
To optimally cover different geographies and population densities will require a combination of distributed and centralized RAN architectures. Although fronthaul and midhaul are typically not needed until later in the 5G deployment cycle, to support higher cell densities for the mass market, it is important to anticipate their introduction early to assure they become a seamless and integral part of the end-to-end IP transport network.
IP Anyhaul for any topology helps to cost-efficiently scale-out your 5G RAN by providing the flexibility to distribute lower-layer and higher-layer RAN functions as needed to optimize your deployment strategy (see Figure 4).
Although IP Anyhaul access and aggregation equipment use widely available merchant silicon components, there are very specific requirements and constraints that can only be met by highly customized and purpose-built hardware designs and equipment practices.
Fronthaul and midhaul equipment must be extremely robust and resilient, to comply with NEBS Level 3 operating specifications, and hardened for deployment in harsh environments. Equipment must be tailored to fit in the limited space available in cell tower enclosures or radio huts. Strong support capabilities for remote operations, administration, maintenance, and provisioning (OAMP), including network telemetry and in-service software upgrade, are essential to minimize the frequency and cost of servicing field installations.
Performance and operational constraints differ greatly between fronthaul and midhaul and also have a direct impact on hardware design.
Fronthaul must support both bursty, high-volume traffic and time-sensitive flows with very strict, deterministic, ultra-low latency and jitter for clock synchronization. These constraints can only be met by special hardware provisions for queuing and scheduling packets (per IEEE 802.1 TSN standards).
Midhaul and backhaul transport have more relaxed latency constraints but need dedicated hardware for transport security (IPsec or MACsec encryption). Also, specific protocols and interface types are needed for interconnecting 5G radio such as eCPRI and 25 GE that is typically not available on IP/Ethernet commodity equipment.
Although 5G is the key driver for IP Anyhaul evolution and expansion, 5G radio will share many 4G/LTE infrastructure assets in its initial deployment phase, including spectrum, towers, radio huts, access, and backhaul infrastructure. Any-generation support will enable you to consolidate and converge 3G, 4G/LTE, and 5G RAN assets to optimize cost economics. The Nokia IP Anyhaul solution uses a common operating system across fronthaul, midhaul, and backhaul for a smooth transition to 5G and a seamless user experience until 5G coverage is ubiquitous (see Figure 5).
Converge 5G with a multi-access edge
Although 5G is strongly oriented to NR technology and mobile service evolution, the 5G edge and core are designed to support multiple access technologies. In addition to supporting very high bandwidth capacities per user, a multi-access broadband strategy for integrating fixed wireline and 5G fixed wireless access offers several important benefits:
- Delivers broadband service in underserved areas, either as an overbuild in brownfield areas with poor wireline coverage or as an intermediate step in greenfield wireline deployments
- Delivers a ubiquitous and seamless broadband experience across fixed wireline, 4G/LTE, and 5G NR access in non-standalone options 3, 3A, and 3X.
- Delivers cost-efficient multicast services via local multicast replication on the multi-access edge instead of using costly evolved Multimedia Broadcast Multicast Services (eMBMS)
- Enhances broadband reliability by bonding fixed and 5G fixed-wireless access to support highly reliable broadband services for business and industrial users.
Nokia is the global leader in edge routing, and the Nokia 7750 Service Routers have a strong and proven track record in Broadband Network Gateway (BNG) applications. Nokia is actively engaged with the Broadband Forum, 3GPP and the IETF to define the necessary standards for fixed wireline broadband integration into 5G and the evolution of the BNG to a Multi-access Network Gateway. Nokia also has a strong Cloud Mobile Gateway solution but the Cloud Packet Core is out of the scope of this article.
The first study area is interworking standards for Control and User Plane Separation (CUPS) for a Disaggregated BNG. Decoupling the BNG user plane allows the introduction of a common session management function (SMF) for both fixed and wireless broadband access.
CUPS also simplifies operations by enabling the independent location, scaling, and life cycle management for control plane and user plane functions. A single control plane running in a centralized virtualized network function (VNF) is then able to control and manage multiple user plane instances which may be distributed and separated from the control plane.
The second key study area is defining a 5G access gateway function (AGF) to enable existing fixed wireline access equipment to directly interwork with a universal 5G core (see Figure 6).
A multi-access edge gateway is a critical and strategic enabler for converging fixed wireline and fixed wireless access onto a common 5G core. It allows you to deliver any service over any access while benefitting from the superior agility and programmability of a cloud-native 5G service architecture.
Unleash 5G with Cloud Interconnect
5G introduces a service-based architecture that uses a distributed edge and core cloud in which network and service functions can be flexibly placed to optimize capacity, latency, and reliability requirements for different use cases. User plane, compute and storage functions that require high throughput and low latency are typically placed in the edge cloud close to end-users. Management, control, and service functions with more relaxed latency requirements are placed in the core cloud where resources can be pooled for better economies of scale.
Network slicing is a key support technology that enables multiple tenants and diverse use cases to share a common, versatile transport network without resource contention or security issues. Network slicing provides deployment flexibility by enabling you to create logical network partitions that consist of dedicated and dynamically allocated sets of resources that are reserved for different purposes. For example, you could create different network slices for specific services or use cases or verticals such as health care, manufacturing, or automotive.
Network slices are operated in parallel and each can have its service-specific security, QoS, and bandwidth requirements to enable service flexibility. Also, you can authorize third parties to create or manage network slice configuration via suitable APIs or user portals, within certain configurable limits, allowing for business flexibility.
Network slicing traverses the RAN, WAN, and packet core. Service agility and programmability and end to- end resource management for network slices are very important considerations. However, various operational barriers such as administrative boundaries, disjoint service policies, and a mismatch of interworking protocols can impede service agility and create islands of automation between IT and IP domains.
Nokia Cloud Interconnect overcomes these barriers and establishes a smart IP transport fabric that gives you the freedom to dynamically place 5G user and control plane functions anywhere in the 5G service cloud to optimize cost and performance (see Figure 7).
The instrumentation for Nokia Cloud Interconnect is based on Network Functions Interconnect (NF-IX), an open-architecture framework based on scalable and proven technologies and standards such a Multiprotocol BGP, Segment Routing – Traffic Engineering (SR-TE) and seamless MPLS. As you instantiate and move dynamic workloads, Nokia Cloud Interconnect automatically engineers and provisions the necessary transport services in the appropriate network slices and assures deterministic latency and throughput. Nokia Cloud Interconnect uses a centralized software-defined networking (SDN) controller to dynamically map the virtualized service overlay on the physical transport underlay topology.
Automate 5G with insight-driven IP networking
Network and service automation is essential to manage the complex task of operating a unified IP network fabric to deliver digital services at a cloud-scale while meeting cost, performance, and quality objectives. The IP network must deliver:
- Operational agility to quickly on-board and operationalize new equipment, vendors, components and services as your 5G infrastructure evolves
- Operational velocity to enable zero-touch service delivery and rapidly correct SLA issues
- Operational efficiency by streamlining operations and automating frequent tasks and complex workflows
- Operational reliability and simplicity to ensure that automation outcomes meet the intended results, and by providing actionable insight and recommendations to help human operators make timely and accurate decisions.
The operational scale and dynamics of the 5G era place tremendous stress on the network management and control plane. Conventional management and control plane interfaces and protocols such as Simple Network Management Protocol (SNMP) and command-line interfaces (CLIs) primarily cater to interactive use by human operators and are too cumbersome and brittle to support the orders-of-magnitude-higher transaction rates of machine-based programming and batch processes.
The IP network and its operating system must become far more agile, responsive, and reliable to support real-time network visibility and control automation. The Nokia IP network solutions and SR OS address these network automation requirements through:
- Secure and redundant control processor modules equipped with high-performance multi-core processors using a 64-bit architecture
- A highly efficient, robust and versatile operating system using symmetric multi-processing to leverage the capacity of all CPU cores and optimize the performance of individual tasks
- Streaming, model-driven telemetry to enable real-time data analytics and dramatically speed up response times for corrective actions compared with conventional monitoring approaches that rely on polling network equipment using SNMP MIBs or CLI scripts
- Model-driven networking APIs based on an MD-CLI, NETCONF, Google Remote Procedure Calls (gRPC) and, Google Network Management Interface (gNMI) with YANG and OpenConfig information models; these model-driven networking APIs are essential for transactional machine-based process automation.
Nokia’s Insight-driven IP networking solution (see Figure 8) leverages these machine-programmable IP networking interfaces in a closed-loop automation model that integrates the Nokia NSP multi-vendor Carrier SDN platform and Nokia Deepfield multi-dimensional data analytics.
Insight-driven IP networking helps operational staff master complexity and prioritize issues by providing actionable insight and recommendations while saving valuable time by automating repetitive routine tasks. By leveraging the latest developments in AI and machine learning, it lets operators cut through the complexity and timely and accurately respond to operational issues before they escalate into customer complaints.
The Nokia Network Services Platform (NSP) is a multi-vendor, multi-layer management, and control platform that helps you simplify operations and automate workflows by translating abstract service-level objectives into device-level policies and actions that can be implemented and enforced by the IP network.
The multidimensional data analytics of Nokia Deepfield convert the constant flow of streaming telemetry data into insight that human operators can use to verify whether network outcomes meet the intended goals and to drive corrective actions.
Secure 5G with integrated DDoS protection
Ultimately, business success depends on your ability to protect your 5G infrastructure, your data—and your customers. In the race to 5G, you need to rely on an IP network you can trust. The IP network systems and operating system software must be designed for resiliency and security to preserve their integrity and prevent them from being compromised by bad actors. The security of IP service gateways is especially critical because it may contain and exchange valuable user data and subscriber credentials.
5G introduces significant new security risks that require a comprehensive end-to-end security strategy. Open interfaces, opensource software, the use of commonly available IT solution components, and the addition of billions of unverified devices dramatically increase the attack surface for volumetric DDoS attacks and other security threats and attacks. Because 5G offers far more access bandwidth than previous generations, it requires far fewer compromised users and hijacked Internet of Things (IoT) devices to launch very powerful flooding attacks.
Volumetric DDoS attacks are responsible for over 99 percent of malicious traffic volumes and continue to increase in magnitude, frequency, and sophistication. Implementing an effective and cost-efficient defense strategy is essential.
For the most effective countermeasures against volumetric DDoS, your IP network must be an integral part of your DDoS mitigation solution. Moreover, your IP routers must have the latest processing capabilities to achieve the scale and efficiency required to apply large-scale filtering and advanced packet inspection capabilities to surgically remove DDoS traffic from legitimate traffic flows.
Cleansing volumetric DDoS by redirecting affected user traffic to dedicated firewalls with deep packet inspection (DPI) capabilities is costly and cumbersome and slows down latency-sensitive traffic. These solutions are typically deployed offline and can at best only protect a fraction of all network traffic. Only in-line solutions—which can filter and mitigate the threats and attacks at line-rate—are effective to protect latency-sensitive traffic against volumetric DDoS attacks.
Nokia IP service routers equipped with FP4 silicon offer a cost-effective and scalable alternative that can surgically filter volumetric DDoS traffic in-line on any interface port while maintaining deterministic forwarding performance. (For details, see the Nokia application note “Volumetric DDoS mitigation.”)
Nokia FP4-based service routers can be deployed at the provider edge, peering edge, and as data center gateways to secure the entire network perimeter and shield the 5G core against volumetric DDoS attacks from compromised users, IoT botnets and cloud data centers (see Figure 9).
FP4 is the latest generation of a custom-designed packet processor used in the Nokia Service Router portfolio. The FP4 processor offers 3 Tb/s forwarding capacity with enhanced packet intelligence and control capabilities that can facilitate stateless payload inspection of traffic patterns with up to 256-byte offsets to match the unique byte patterns that identify DDoS packet signatures.
Each FP4-based forwarding complex can dynamically manage up to 256,000 access control filter entries to effectively mitigate direct flooding attacks from even the largest IoT botnets. The FP4 processor can collect granular, real-time telemetry data, and packet samples, which is critical for agile detection and mitigation of DDoS attacks.
Nokia’s award-winning, network-based DDoS security solution uses Nokia Deepfield Network Firewall to detect DDoS attacks and orchestrate mitigation. The solution integrates Deepfield Network Firewall with FP4-based service routers to deliver cloud-based, real-time DDoS analytics and agile, router-based mitigation of volumetric DDoS attacks. Service routers feed Network Firewall with highly granular, streaming telemetry data on DDoS attacks in progress and with information obtained from payload inspection of suspicious packets.
Network Firewall observes traffic anomalies for commonly used traffic protocols and, with additional intelligence obtained from packet samples from suspicious flows, can more precisely determine the DDoS attack vectors and identify their packet signatures. Network Firewall then immediately deploys surgical DDoS countermeasures by programming the appropriate FP4 packet filters on service routers in real-time, resulting in efficient and agile mitigation.
The Nokia DDoS solution enables an automated, scalable, and cost-effective DDoS detection and mitigation framework that can help you save up to 85 percent on network cost compared to traditional DDoS security solutions based on redirecting traffic to a scrubbing center.
In the race to 5G, you need to rely on an IP network that can go the distance. To start your 5G journey on the right foot and carry you through the entire 5G deployment cycle, you need a forward-looking IP network with stamina: the scalable capacity to keep growing, adaptability to keep innovating, and longevity to outlast your competitors.
In a world that is increasingly driven by software, Nokia believes that hardware still matters. Silicon is the DNA of network systems. The choices we make in designing our silicon and the platforms we build with those choices will determine your networking outcomes today and tomorrow.
5G has great potential for disruptive changes. Our programmable FP4 routing silicon, modular equipment practices, and open, extensible platforms and management solutions are designed to help you navigate these changes and protect your network investments. They help you build an innovative IP network that can evolve with your needs under a single, common operating system. Equipped with insight-driven automation, it will let you deliver services faster, run your network efficiently, and ensure your customers get the quality and security they expect.
Many moving parts must come together to build a 5G network that fits your needs today and tomorrow. If your IP network is not an integral part of the solution, it will become a source of more problems. Nokia is the only global equipment supplier offering complete, proven, and in-house developed solution sets in all 5G domains:
- 5G RAN
- IP Anyhaul
- Multi-access edge
- 5G core
- Cloud Interconnect.
Our industry-leading technologies and comprehensive choice of best-in-class platforms help you get the most out of your 5G investments.
We pride ourselves on building the biggest networks on the planet. We understand each network is unique, and over the past two decades, we have built IP networks for over 750 communications service providers of all sizes and in all regions.
At Nokia, we create the technology to connect the world, and our network architects and solutions experts will go the extra mile to get you to 5G faster and take you further.
3GPP 3rd Generation Partnership Project
7250 IXR Nokia 7250 Interconnect Router
7750 SR Nokia 7750 Service Router
AF application function
AI artificial intelligence
AGF access gateway function
AMF access and mobility management
AN access node
API Application Programming Interface
AUSF authentication server function
BNG Broadband Network Gateway
CLI command-line interface
CO central office
CPRI Common Public Radio Interface
CU centralized unit
CUPS Control and User Plane Separation
DCI data center interconnect
DDoS distributed denial of service
DU distributed unit
eCPRI enhanced Common Public Radio
eNB evolved Node B
eMBBS evolved Multimedia Broadcast
ETR extended temperature range
FTTx fiber to the anything
GE Gigabit Ethernet
HFC hybrid fiber-coaxial
IEEE Institute of Electrical and
IETF Internet Engineering Task Force
IoT Internet of Things
IPsec Internet Protocol security
LTE long term evolution
MACsec media access control security
MD-CLI model-driven command-line interface
MEC multi-access edge computing
MMTC massive machine-type communications
MPLS Multiprotocol Label Switching
NETCONF Network Configuration Protocol
NR New Radio
NSP Nokia Network Services Platform
PCF Policy Control Function
PNF physical network function
QoS Quality of service
RAN radio access network
RU remote unit
SLA service level agreement
SMF session management function
SNMP Simple Network Management Protocol
SR OS Nokia Service Router Operating System
SyncE Synchronous Ethernet
UDM unified data management
UE user equipment
UPF user plane function
VSR virtualized service router
WAN wide area network
xDSL any digital subscriber line
YANG yet another next generation