Multi-Campus ICT Equipment Virtualization Architecture

Multi-campus ICT equipment virtualization architecture for cloud and NFV integrated service

Abstract- We propose a virtualization structures for multicampus information and communication technology (ICT) equipment with involved cloud and NFV functions. The purpose of this proposal is to migrate most of ICT equipment on campus premises into cloud and NFV websites. Adopting this architecture would make almost all of ICT services secure and reliable and their catastrophe recovery (DR) financially manageable.

We also evaluate an expense function and show cost features of this proposed architecture, describe execution design issues, and survey a preliminary experimentation of NFV DR business deal. This architecture would encourage academics institutes to migrate their own ICT systems located on their premises into a cloud conditions.

Keywords; NFV, Data Middle Migration, Disaster Recovery, Multi-campus network


There are numerous academic institutions that have multiple campuses located in different cities. These corporations need to provide information and communication technology (ICT) services, such as E-learning services, evenly for many students on each campus. Usually, information technology (IT) infrastructures, such as program machines, are deployed at a primary campus, and these servers are utilized by students on each campus. For this function, each local area network (LAN) on each campus is linked to a main campus LAN with a online private network (VPN) over a broad area network (WAN). In addition, Internet access service is provided to all or any students on the multi-campus environment.

To access the Internet, security devices, such as firewalls and intrusion recognition systems (IDSs), are essential as they protect computing resources from destructive cyber activities.

With the emergence of virtualization technologies like the cloud computing[1] and network functions virtualization (NFV)[2], [3], we expected that ICT infrastructures such as compute machines, storage space devices, and network equipment can be shifted from campuses to datacenters (DCs) economically. Some organizations have started to move their ICT infrastructures of their own premises to exterior DCs to be able to improve security, balance, and stability. Also, there are a lot of efforts to archiving DR capacities with cloud systems [4], [5],

[6]. Active-passive replication or active-active replication are expected techniques that archive DR capabilities. In these replications, a redundant back-up system is required dedicatedly at a secondary site. With migration restoration [4], these backup resources can be shared among many users.

These studies mainly focus on the application machines. While, included DR capability for ICT infrastructures, both program and network infrastructures, remain immature.

We propose a multi-campus ICT equipment virtualization architecture for integrated cloud and NFV capabilities. The purpose of this proposal is to migrate whole ICT infrastructures on campus premises into cloud and NFV platforms.

Adopting this structures for multi-campus networks would improve access link utilization, security device utilization, network transmission delay, catastrophe tolerance, and manageability at the same time.

We also analyze the cost function and show cost advantages of this proposed architecture.

To evaluate the feasibility of the proposed architecture, we built a test foundation on SINET5 (Technology Information NETwork 5) [7], [8], [9]. We identify the test-bed design, and initial experimentation on minimizing the restoration time of VNF is reported.

The rest of this paper is arranged as follows. Section II shows backdrop of this work. Section III shows suggested multi-campus network virtualization architecture. Section IV shows an evaluation of the suggested architecture in conditions of cost advantages and execution results. Section V concludes the newspaper, and future work is discussed


SINET5 is a Japanese academics backbone network for approximately 850 research institutes and colleges and provide network services to about 30 million educational users.

SINET5 was wholly made and placed into operation in Apr 2016. SINET5 plays an important role in encouraging a variety of research fields that require high-performance connectivity, such as high-energy physics, nuclear fusion knowledge, astronomy, geodesy, seismology, and computer science. Body 1 shows the SINET5 structures. It provides items of existence, called "SINET-data focuses" (DCs), and SINET DCs are deployed in each prefecture in Japan. On each SINET DC, an online protocol (IP) router, MPLS-TP system, and ROADM are deployed. The IP router accommodates gain access to lines from research institutes and colleges. All Every pairs of internet protocol (IP) routers are linked with a paier of MPLS-TP paths. These paths achieves low latency and high reliability. The IP routers and MPLS-TP systems are linked by the 100-Gbps-based optical course. Therefore, data can be sent from a SINET DC to another SINET DC in up to 100 Gbps throughput. In addition, users, who have 100 Gpbs gain access to lines, can transfer data to other users in up to 100 Gbps throughput.

Currently, SINET5 offers a direct cloud interconnection service. With this service, commercial cloud providers hook up their data centers to the SINET5 with high-speed website link such as 10 Gbps hyperlink directly. Therefore, academic users can access cloud computing resources with very low latency and high bandwidth via SINET5. Thus, academics users can receive high-performance computer communication between campuses and cloud computing resources. Today, 17 cloud companies are directly linked to SINET5 and even more than 70 universities have been using cloud resources immediately via SINET5.

To evaluate electronic technology such as cloud processing and NFV technology, we produced at test-bed platform (shown as "NFV program" in fig. 1) and will measure the network delay effect for ICT service with this test foundation. NFV platform are designed at four SINET-DCs on major places in Japan: Sapporo, Tokyo, Osaka, and Fukuoka. At each site, the facilities are composed of computing resources, such as machines and storages, network resources, such as coating-2 switches, and controllers, such as NFV orchestrator, and cloud controller. The layer-2 switch is connected to a SINET5 router at the same site with broadband website link, 100Gbps. The cloud controller configures servers and storages and NFV orchestrator configures the VNFs on NFV platform.

And end user can setup and release VPNs between universities, commercial clouds and NFV systems dynamically over SINET with on-demand controller. This on-demand controller set up the router with NETCONF user interface. Also, this on-demand controller installation the VPN corelated with NFV system with REST user interface.

Today there are numerous universities which includes multiple campus deployed over large area. On this multi-campus college or university, many VPNs (VLANs), ex a huge selection of VPNs, are desired to be configured over SINET to increase inter-campus LAN. In order to satisfy this demand, SINET starts new VPN services, called digital campus LAN service. With this service, coating 2 domains of multi-campus can be connected as like as covering 2 move using preconfigured VLAN rages

(ex girlfriend or boyfriend. 1000-2000).


In this section, the proposed architecture is identified.

The architecture contains two parts. First, we illustrate the network structures and clarify the problems with it. Next, a NFV/cloud control structures is defined.

A. Proposed multi-campus network architecture

Multi-campus network structures is shown in Body 2.

There are two legacy network architectures and a proposed network structures. In legacy network architecture 1 (LA1), Internet traffic for multiple campuses is sent to a primary campus (shown as a inexperienced series) and examined by security devices. From then on, the internet traffic is allocated to each campus (shown as a blue collection). ICT Applications, such as Elearning services, are deployed in a main campus and access traffic to ICT software is taken by VPN over SINET (shown as a blue lines). In legacy network architecture 2 (LA2), the web access differs from LA1. The Internet access is directly sent to each campus and examined by security devices deployed at each campus. Within the proposed architecture (PA), the main ICT program is relocated from a primary campus to an external NFV/cloud DC.

Thus, students on both main and sub-campuses can gain access to ICT applications via VPN over SINET. Also, internet traffic traverses via digital network functions (VNFs), such as online routers and electronic security devices, located at NFV/cloud DCs. Internet traffic is checked out in exclusive security devices and sent to each main/sub-campus via VPN over SINET.

There are benefits and drawbacks between these architectures.

Here, they may be compared across five points: access link usage, security device usage, network transmission delay, catastrophe tolerance, and manageability.

(1) Access link utilization

The cost of an gain access to hyperlink from sub-campus to WAN is same in LA1, LA2 and PA. While, the cost of an gain access to link from a main campus to WAN of LA1 is larger than LA2 and PA because redundant traffic traverses through the hyperlink.

While, in PA, yet another access hyperlink from a NFV/cloud DC to WAN is necessary. Thus, evaluating the total access website link cost is important. In such a evaluation, it is assumed that additional gain access to links from NFV/cloud DCs to WAN are shared among multiple academic establishments who use the NFV/cloud system and that the price will be evaluated taking this showing into account.

(2) Security device utilization

LA1 and PA is better than LA2 because Internet traffic is concentrated in LA1 and PA and a statistically multiplexed traffic result is expected. In addition to it, in PA, the amount of physical processing resources can be suppressed because virtual security devices share physical computing resources among multiple users. Therefore, the price tag on electronic security devices for every customer will be reduced.

(3) Network transmission delay

Network delay due to Internet traffic with LA1 is longer than that with LA2 and PA because Internet traffic to subcampuses is detoured and transits at the main campus in LA1, however, in LA2, network hold off of Internet to sub-campuses is straight delivered from an online exchange point on a WAN to the sub-campus, so wait is suppressed. In PA, network hold off can be suppressed because the NFV and cloud data middle can be determined and located near an Internet access gateway on WAN.

While, the network delay for ICT software services will be longer in PA than it in LA1 and LA2. Therefore, the result of an extended network wait on the quality of IT software services should be evaluated.

(4) Catastrophe tolerance

Regarding Internet service, LA1 is less disaster tolerant than LA2. In LA1, whenever a catastrophe occurs around the primary campus and the network functions of the campus go down, students on the other sub-campuses cannot gain access to the internet at this time.

Regarding IT program service, IT services cannot be reached by students when a catastrophe occurs around the main campus or data center. While, in PA, NFV/cloud DC is positioned in an environment sturdy against earthquakes and flooding. Thus, robustness is improved weighed against LA1 and LA2.

Today, systems capable of disaster recovery (DR) are obligatory for academic companies. Therefore, service devastation recovery functionality is required. In PA, online backup ICT infrastructures located at a second data centre can be shared with another individual. Thus, no dedicated redundant resources are needed in steady status operation, therefore the resource cost can be reduced. However, if VM migration cannot be fast enough to continue services, active-passive or active-passive replication need to be adopted. Therefore, reducing recovery time is required to adapt migration restoration to archive DR manageability more economically

(5) Manageability

LA1 and PA is simpler to manage than LA2. Because security devices are concentrated at a site (a primary campus or NFV/cloud data middle), the amount of devices can be reduced and improving manageability.

There are three issues to consider when adopting the PA.

  1. Evaluating the access website link cost of an NFV/cloud data center.
  2. Evaluating the network hold off impact for ICT services.
  3. Evaluating the migration period for migration recovery replication.

B. NFV and cloud control architecture For the next two reasons, there is certainly strong demand to use legacy ICT systems continually. Thus, legacy ICT systems have to be changed to NFV/cloud DCs as electronic application servers and electronic network functions. One reason is the fact institutions are suffering from their own legacy ICT systems on their own premises with vender specific features.

The second reason is an institution's work moves aren't easily transformed, and the same usability for end users is necessary. Therefore, their legacy ICT infrastructures deployed over a campus premises should be continuously found in the NFV/cloud environment. In the proposed multicampus structures, these application servers and network functions are handled by using per-user orchestrators.

Figure 3 shows the proposed control structures. Each establishment deploys their ICT system on IaaS services. VMs are manufactured and deleted through the application form user interface (API), which is provided by IaaS providers. Each institution creates an NFV orchestrator, application orchestrator, and management orchestrator on VMs. Both energetic and standby orchestrators are run in main and extra data centers, respectively, and both lively and standby orchestrators check the aliveness of every other. The NFV orchestrator creates the VMs and installs the online network functions, such as routers and virtual firewalls, and configures them. The application orchestrator installs the applications on VMs and models them up. The management orchestrator registers these applications and exclusive network functions to monitoring tools and will save the logs outputted from the IT service applications and network functions.

When a dynamic data center is suffering from disaster and the dynamic orchestrators decrease, the standby orchestrators discover that the productive orchestrators are down. They start creating the exclusive network functions and software and management functions. After that, the VPN is connected to the extra data middle being co-operated with the VPN controller of WAN.

In this architecture, each institution can select NFV orchestrators that support a user's legacy systems.


This section details an analysis of the access link cost of proposed network architecture. Also, the test-bed configuration is unveiled, and an analysis of the migration period for migration recovery is shown.

A. Access hyperlink cost of NFV/cloud data center With this sub-section, an evaluation of the gain access to website link cost of PA compared with LA1 is defined.

First, the network cost is thought as follows.

There is an institution, u, that has a main campus and nu sub-campuses.

The traffic amount of organization u is thought as follows different sites can be connected between a end user site and cloud sites by a SINET VPLS (Fig. 7). This VPLS can be dynamically set up by a website that uses the REST program for the on-demand controller. For upper-layer services such as Web-based services, online network gadgets, such as digital routers, electronic firewalls, and virtual load balancers, are created in servers through the NFV orchestrater. DR functions for NFV orchestrator is under deployment.

C. Migiration period for devastation recovery

We evaluated the VNF recovering process for devastation recovery. In this process, there are four steps.

Step 1: Host Operating-system installation

Step 2: VNF image copy

Step 3: VNF configuration copy

Step 4: VNF process activation

This process is started from the sponsor OS set up because there are VNFs that are tightly coupled with the host Operating-system and hypervisor. There are several kinds and types of host OS, so the number OS can be improved to suite to the VNF. After variety OS unit installation, VNF images are copied in to the created VMs. Then, the VNF construction parameters are fine-tuned to the attributions of the extra data center environment (for example, VLAN-ID and IP address), and the construction variables are installed into VNF. After that, VNF is turned on.

In our test environment, a exclusive router can be recovered from the primary data center to the extra data middle, and the full total duration of restoration is approximately 6 min. Each length of Steps 1-4 is 3 min 13 sec, 3 min 19 sec, 11 sec, and 17 sec, respectively.

To shorten the recovery time, presently, the standby VNF can be pre-setup and turned on. If the same construction can be employed in the supplementary data center network environment, snapshot recovering is also available. In this case, Step one 1 is taken out, and Steps 2 and 3 are replaced by copying simple shot of an active VNF image, which calls for about 30 sec. In this case, the recovering time is approximately 30 sec.


Our method using cloud and NFV functions can perform DR with less cost. We suggested a multi-campus equipment virtualization structures for cloud and NFV involved service. The aim of this proposal is to migrate whole ICT infrastructures on campus premises into cloud and NFV programs. This structures would encourage academic institutions to migrate their own developed ICT systems located on their premises into a cloud environment. Adopting this architecture would make entire ICT systems secure and reliable, and the DR of ICT services could be financially manageable.

In addition, we also examined the cost function, and revealed a cost advantages of this proposed architecture explained implementation design issues, and reported a preliminary experimentation of the NFV DR transaction/

Also We Can Offer!

Other services that we offer

If you don’t see the necessary subject, paper type, or topic in our list of available services and examples, don’t worry! We have a number of other academic disciplines to suit the needs of anyone who visits this website looking for help.

How to ...

We made your life easier with putting together a big number of articles and guidelines on how to plan and write different types of assignments (Essay, Research Paper, Dissertation etc)