ExampleUsecases: Update Example Usecases

- Update Example Usecases manual each chapter. - Add "uCPE system requirements" for all examples, specify number of physical NICs, RAM and cores (not vCPUs!) - Remove all figures - Remove all tables - Remove In-band Management example usecase Change-Id: Id183ba0cd1e9fca370d992273d797faadfcf9e3b Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
author: Sona Sarmadi <sona.sarmadi@enea.com> 2019-10-07 13:43:34 +0200
committer: Miruna Paun <Miruna.Paun@enea.com> 2019-10-11 15:12:53 +0200
commit: c809d907776503d4bdae0056a78ebb4d8840d559 (patch)
tree: 22aac1ec36f5503217b3e47f36b79e412b858753
parent: a5ce1952613df9f1286c2be8cfe81b625b7b7bbf (diff)
download: el_releases-nfv-access-c809d907776503d4bdae0056a78ebb4d8840d559.tar.gz
7 files changed, 392 insertions, 1139 deletions
diff --git a/doc/book-enea-nfv-access-example-usecases/doc/book.xml b/doc/book-enea-nfv-access-example-usecases/doc/book.xml
index 5071e01..fb9db8d 100644
--- a/doc/book-enea-nfv-access-example-usecases/doc/book.xml
+++ b/doc/book-enea-nfv-access-example-usecases/doc/book.xml
@@ -18,18 +18,15 @@
  <xi:include href="introduction.xml"
              xmlns:xi="http://www.w3.org/2001/XInclude" />
-  <xi:include href="clav_vnf_examples.xml"
+  <xi:include href="enea_test_vnf_examples.xml"
              xmlns:xi="http://www.w3.org/2001/XInclude" />
-  <xi:include href="enea_vnf_examples.xml"
+  <xi:include href="clav_vnf_examples.xml"
              xmlns:xi="http://www.w3.org/2001/XInclude" />
  <xi:include href="forti_vnf_examples.xml"
              xmlns:xi="http://www.w3.org/2001/XInclude" />
-  <xi:include href="inband_management.xml"
-              xmlns:xi="http://www.w3.org/2001/XInclude" />
  <xi:include href="vnf_chaining.xml"
              xmlns:xi="http://www.w3.org/2001/XInclude" />
 </book>
diff --git a/doc/book-enea-nfv-access-example-usecases/doc/clav_vnf_examples.xml b/doc/book-enea-nfv-access-example-usecases/doc/clav_vnf_examples.xml
index db4525a..806430a 100644
--- a/doc/book-enea-nfv-access-example-usecases/doc/clav_vnf_examples.xml
+++ b/doc/book-enea-nfv-access-example-usecases/doc/clav_vnf_examples.xml
@@ -8,29 +8,47 @@
  <section id="prere_clav_vnf">
    <title>Prerequisites</title>
-    <para>The following files provided with your Enea NFV Access release are
+    <para>System requirements for the uCPE devices:</para>
-    needed for this example use case: <remark>FIXME - These filenames may need
-    to be updated</remark></para>
    <itemizedlist>
      <listitem>
-        <para><literal>enea-nfv-access-vnf-qemux86-64.wic.qcow2</literal></para>
+        <para>1 Network Interface</para>
      </listitem>
      <listitem>
-        <para><literal>clavister-cos-stream-&lt;version&gt;-virtual-x64-generic.qcow2</literal></para>
+        <para>2 GB of RAM memory</para>
      </listitem>
+    </itemizedlist>
+    <para>The following files are needed for this example use case:</para>
+    <itemizedlist>
+      <para>VNF images:</para>
+      <listitem>
+        <para>Enea Test VNF. Please contact Enea to get this image.</para>
+      </listitem>
+      <listitem>
+        <para>Clavister VNF. Please contact Clavister to get this
+        image.</para>
+      </listitem>
+    </itemizedlist>
+    <itemizedlist>
+      <para>VNF Configuration files, these files are provided with your Enea
+      NFV Access release:</para>
      <listitem>
-        <para><literal>clavister-cloudinit.conf</literal></para>
+        <para><filename>clavister-cloudinit.conf</filename>. </para>
      </listitem>
      <listitem>
-        <para><literal>enea-vnf-iperf-client.conf</literal></para>
+        <para><filename>enea-vnf-iperf-client.conf</filename>.</para>
      </listitem>
      <listitem>
-        <para><literal>enea-vnf-iperf-server.conf</literal></para>
+        <para><filename>enea-vnf-iperf-server.conf</filename>.</para>
      </listitem>
    </itemizedlist>
  </section>
@@ -39,22 +57,9 @@
    <title>Clavister VNF using an Open vSwitch Bridge</title>
    <para>In this use-case, uCPE device 1 runs the Clavister VNF, while uCPE
-    device 2 runs two Enea NFV Access VNFs with iPerf client and server
+    device 2 runs two Enea Test VNFs with iPerf client and server
-    applications. The uCPE devices are connected using OVS-DPDK bridges.
+    applications. The uCPE devices are connected using OVS-DPDK
-    </para>
+    bridges.</para>
-    <remark>FIXME: New image needed</remark>
-    <figure condition="hidden">
-      <title>Clavister VNF using Open vSwitch Bridge Overview</title>
-      <mediaobject>
-        <imageobject>
-          <imagedata align="center" fileref="images/clavister_vnf_diagram.png"
-                     scale="50" />
-        </imageobject>
-      </mediaobject>
-    </figure>
    <section id="clav_vnf_setup_1">
      <title>Use-case Setup</title>
@@ -63,8 +68,9 @@
      <orderedlist>
        <listitem>
-          <para>Select uCPE device 1, access <literal>Configuration</literal>, add the network 
+          <para>Select uCPE device 1, access <literal>Configuration</literal>,
-            interface that will be used and configure it for DPDK.</para>
+          add the network interface that will be used and configure it for
+          DPDK.</para>
        </listitem>
        <listitem>
@@ -81,8 +87,8 @@
      <orderedlist>
        <listitem>
-          <para>Onboard the Clavister VNF by filling the required fields with the following 
+          <para>Onboard the Clavister VNF by filling the required fields with
-            values:</para>
+          the following values:</para>
          <itemizedlist spacing="compact">
            <listitem>
@@ -120,11 +126,11 @@
        </listitem>
        <listitem>
-          <para>Onboard the Enea VNF by filling the required fields with the following values:
+          <para>Onboard the Enea Test VNF by filling the required fields with
-            <itemizedlist spacing="compact">
+          the following values: <itemizedlist spacing="compact">
              <listitem>
                <para><emphasis role="bold">VM Image File</emphasis>: Provide
-                the path to the Enea NFV Access VNF qcow2 image</para>
+                the path to the Enea Test VNF qcow2 image</para>
              </listitem>
              <listitem>
@@ -187,16 +193,16 @@
              </listitem>
              <listitem>
-                <para><emphasis role="bold">Interfaces</emphasis>: Set the interface type 
+                <para><emphasis role="bold">Interfaces</emphasis>: Set the
-                  to <literal>DPDK</literal> and select the OVS bridge created 
+                interface type to <literal>DPDK</literal> and select the OVS
-                  above, for both interfaces.</para>
+                bridge created above, for both interfaces.</para>
              </listitem>
            </itemizedlist>
          </listitem>
          <listitem>
-            <para>Instantiate the Enea iPerf server VNF on uCPE device 2 by filling 
+            <para>Instantiate the Enea iPerf server VNF on uCPE device 2 by
-              the required fields with the values below:</para>
+            filling the required fields with the values below:</para>
            <itemizedlist spacing="compact">
              <listitem>
@@ -206,7 +212,7 @@
              <listitem>
                <para><emphasis role="bold">VNF Type</emphasis>: Select Enea
-                NFV Access VNF</para>
+                Test VNF</para>
              </listitem>
              <listitem>
@@ -221,15 +227,16 @@
              </listitem>
              <listitem>
-                <para><emphasis role="bold">Interfaces</emphasis>: Set the interface type to
+                <para><emphasis role="bold">Interfaces</emphasis>: Set the
-                  <literal>DPDK</literal> and select the OVS bridge created above.</para>
+                interface type to <literal>DPDK</literal> and select the OVS
+                bridge created above.</para>
              </listitem>
            </itemizedlist>
          </listitem>
          <listitem>
-            <para>Instantiate the Enea iPerf client VNF on uCPE device 2 by 
+            <para>Instantiate the Enea iPerf client VNF on uCPE device 2 by
-              filling the required fields with the values below:</para>
+            filling the required fields with the values below:</para>
            <itemizedlist spacing="compact">
              <listitem>
@@ -239,7 +246,7 @@
              <listitem>
                <para><emphasis role="bold">VNF Type</emphasis>: Select Enea
-                NFV Access VNF</para>
+                Test VNF</para>
              </listitem>
              <listitem>
@@ -254,8 +261,9 @@
              </listitem>
              <listitem>
-                <para><emphasis role="bold">Interfaces</emphasis>: Set the interface 
+                <para><emphasis role="bold">Interfaces</emphasis>: Set the
-                  type to <literal>DPDK</literal> and select the OVS bridge created above.</para>
+                interface type to <literal>DPDK</literal> and select the OVS
+                bridge created above.</para>
              </listitem>
            </itemizedlist>
          </listitem>
@@ -282,22 +290,9 @@ root@qemux86-64:~# iperf3 -c 192.168.10.10</programlisting>
  <section id="clav_example_sriov">
    <title>Clavister VNF using SR-IOV</title>
-    <para>The following use-case is essentially the same as the one detailed above, 
+    <para>The following use-case is essentially the same as the one detailed
-      in this scenario however, the uCPE devices are connected using SR-IOV, 
+    above, in this scenario however, the uCPE devices are connected using
-      with two virtual functions.</para>
+    SR-IOV, with two virtual functions.</para>
-    <remark>FIXME: New image needed</remark>
-    <figure condition="hidden">
-      <title>Clavister VNF using SR-IOV Overview</title>
-      <mediaobject>
-        <imageobject>
-          <imagedata align="center" fileref="images/clav_VNF_demo_SR-IOV.png"
-                     scale="60" />
-        </imageobject>
-      </mediaobject>
-    </figure>
    <section id="clav_vnf_setup_2">
      <title>Use-case Setup</title>
@@ -306,9 +301,10 @@ root@qemux86-64:~# iperf3 -c 192.168.10.10</programlisting>
      <orderedlist>
        <listitem>
-          <para>Select uCPE device 1, access <literal>Configuration</literal>, 
+          <para>Select uCPE device 1, access <literal>Configuration</literal>,
-            add the network interface that will be used and configure it for SR-IOV.
+          add the network interface that will be used and configure it for
-            For <literal>sriov-mode</literal> select "adapter-pool" and "sriov-num-vfs:2".</para>
+          SR-IOV. For <literal>sriov-mode</literal> select "adapter-pool" and
+          "sriov-num-vfs:2".</para>
        </listitem>
        <listitem>
@@ -323,13 +319,14 @@ root@qemux86-64:~# iperf3 -c 192.168.10.10</programlisting>
      <para><emphasis role="bold">Instantiating the VNFs:</emphasis></para>
      <para>Use the same instantiation parameters as above, but select
-        interface type <literal>SrIovAdapterPool</literal> instead.</para>
+      interface type <literal>SrIovAdapterPool</literal> instead.</para>
    </section>
    <section id="test_clav_uc_2">
      <title>Testing the Use-case</title>
-      <para>Use the same test instructions as detailed in the use-case above.</para>
+      <para>Use the same test instructions as detailed in the use-case
+      above.</para>
    </section>
  </section>
 </chapter>
diff --git a/doc/book-enea-nfv-access-example-usecases/doc/enea_vnf_examples.xml b/doc/book-enea-nfv-access-example-usecases/doc/enea_test_vnf_examples.xml
index 9809cb3..985e299 100644
--- a/doc/book-enea-nfv-access-example-usecases/doc/enea_vnf_examples.xml
+++ b/doc/book-enea-nfv-access-example-usecases/doc/enea_test_vnf_examples.xml
@@ -1,25 +1,49 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
 <chapter id="enea_vnf_examples">
-  <title>Enea NFV Access VNF Example Use-cases</title>
+  <title>Enea Test VNF Example Use-cases</title>
+  <para>The Enea Test VNF is a simple Enea Linux based VM, which can be used
+  for various testing purposes, by using basic DPDK applications (e.g.
+  testpmd) as well as non-DPDK tools (e.g. iPerf3). For more information about
+  the Testpmd application please see the <ulink
+  url="https://doc.dpdk.org/guides/testpmd_app_ug">Testpmd Application User
+  Guide</ulink>.</para>
  <section id="prere_enea_vnf">
    <title>Prerequisites</title>
-    <para>The following files are needed for this example use-case:</para>
+    <para>System requirements for the uCPE devices:</para>
+    <itemizedlist>
+      <listitem>
+        <para>1 Network Interface</para>
+      </listitem>
+      <listitem>
+        <para>2 GB of RAM memory</para>
+      </listitem>
+    </itemizedlist>
-    <remark>FIXME: These filenames may need to be updated</remark>
+    <para>The following files are needed for this example use case:</para>
    <itemizedlist>
+      <para>VNF image:</para>
      <listitem>
-        <para><literal>enea-nfv-access-vnf-qemux86-64.wic.qcow2</literal></para>
+        <para>Enea Test VNF, please contact Enea to get this image.</para>
      </listitem>
+    </itemizedlist>
+    <itemizedlist>
+      <para>VNF Configuration files, these files are provided with your Enea
+      NFV Access release:</para>
      <listitem>
-        <para><literal>enea-vnf-testpmd-fwd.conf</literal></para>
+        <para><filename>enea-vnf-testpmd-fwd.conf</filename>.</para>
      </listitem>
      <listitem>
-        <para><literal>enea-vnf-testpmd-term.conf</literal></para>
+        <para><filename>enea-vnf-testpmd-term.conf</filename>.</para>
      </listitem>
    </itemizedlist>
  </section>
@@ -28,22 +52,9 @@
    <title>TestPMD VNF</title>
    <para>In this use-case, uCPE device 1 runs the pktgen DPDK application to
-    generate traffic and uCPE device 2 runs two Enea NFV Access VNFs. One VNF
+    generate traffic and uCPE device 2 runs two Enea Test VNFs. One VNF runs
-    runs the TestPMD DPDK application forwarding traffic, and the other runs
+    the TestPMD DPDK application forwarding traffic, and the other runs the
-    the TestPMD in order to terminate traffic.</para>
+    TestPMD in order to terminate traffic.</para>
-    <remark>FIXME: New image needed</remark>
-    <figure condition="hidden">
-      <title>Enea TestPMD VNF Overview</title>
-      <mediaobject>
-        <imageobject>
-          <imagedata align="center"
-                     fileref="images/enea_vnf_demo_overview.png" scale="80" />
-        </imageobject>
-      </mediaobject>
-    </figure>
    <section id="enea_vnf_setup">
      <title>Use-case Setup</title>
@@ -72,13 +83,13 @@
      <para><emphasis role="bold">Onboarding the VNF:</emphasis></para>
-      <para>Onboard the Enea NFV Access VNF by filling the required fields
+      <para>Onboard the Enea Test VNF by filling the required fields with the
-      with the following values:</para>
+      following values:</para>
      <itemizedlist spacing="compact">
        <listitem>
          <para><emphasis role="bold">VM Image File</emphasis>: Provide the
-          path to the Enea NFV Access VNF qcow2 image.</para>
+          path to the Enea Test VNF qcow2 image.</para>
        </listitem>
        <listitem>
@@ -123,8 +134,8 @@
            </listitem>
            <listitem>
-              <para><emphasis role="bold">VNF Type</emphasis>: Select Enea NFV
+              <para><emphasis role="bold">VNF Type</emphasis>: Select Enea
-              Access VNF.</para>
+              Test VNF.</para>
            </listitem>
            <listitem>
@@ -157,8 +168,8 @@
            </listitem>
            <listitem>
-              <para><emphasis role="bold">VNF Type</emphasis>: Select Enea NFV
+              <para><emphasis role="bold">VNF Type</emphasis>: Select Enea
-              Access VNF.</para>
+              Test VNF.</para>
            </listitem>
            <listitem>
@@ -173,7 +184,7 @@
            </listitem>
            <listitem>
-              <para><emphasis role="bold">Interfaces</emphasis>:  Set the
+              <para><emphasis role="bold">Interfaces</emphasis>: Set the
              interface type to <literal>DPDK</literal> and select the OVS
              bridge created above.</para>
            </listitem>
@@ -201,43 +212,37 @@
      <title>Testing the Use-case</title>
      <orderedlist>
-      <listitem>
+        <listitem>
-        <para>SSH to uCPE device 1 (Username: root) and start the pktgen
+          <para>SSH to uCPE device 1 (Username: root) and start the pktgen
-      application:</para>
+          application:</para>
-      <programlisting>cd /usr/share/apps/pktgen/
+          <programlisting>cd /usr/share/apps/pktgen/
 ./pktgen -c 0x7 -n 4 --proc-type auto --socket-mem 256 -w 0000:01:00.0 -- \
  -P -m "[1:2].0"
 Pktgen:/&gt; start 0</programlisting>
-      <note>
+          <note>
-        <para>Replace 0000:01:00.0 with the actual PCI address of the network
+            <para>Replace 0000:01:00.0 with the actual PCI address of the
-        interface used on uCPE device 1.</para>
+            network interface used on uCPE device 1.</para>
-      </note></listitem>
+          </note>
+        </listitem>
-      <listitem><para>SSH to uCPE device 2 and connect to the TestPMD forwarding VNF
+        <listitem>
-      console:</para>
+          <para>SSH to uCPE device 2 and connect to the TestPMD forwarding VNF
+          console:</para>
-      <programlisting>virsh list
+          <programlisting>virsh list
-virsh console &lt;id of testpmd fwd&gt;</programlisting></listitem>
+virsh console &lt;id of testpmd fwd&gt;</programlisting>
+        </listitem>
-      <listitem><para>Check the TestPMD traffic forwarding statistics:</para>
+        <listitem>
+          <para>Check the TestPMD traffic forwarding statistics:</para>
-      <programlisting># qemux86-64 login: root
+          <programlisting># qemux86-64 login: root
 tail -f /var/log/testpmd-out</programlisting>
+        </listitem>
-      <figure>
+      </orderedlist>
-        <title>Traffic Statistics</title>
-        <mediaobject>
-          <imageobject>
-            <imagedata align="center"
-                       fileref="images/connection_information.png" scale="70" />
-          </imageobject>
-        </mediaobject>
-        </figure></listitem>
-     </orderedlist>
    </section>
    <section condition="hidden" id="vnf_pci">
@@ -247,17 +252,6 @@ tail -f /var/log/testpmd-out</programlisting>
      device 2 will run the TestPMD VNF. Both will be using PCI
      passthrough:</para>
-      <figure>
-        <title>TestPMD VNF using PCI passthrough Overview</title>
-        <mediaobject>
-          <imageobject>
-            <imagedata align="center" fileref="images/testPMD_VNF_PCI.png"
-                       scale="65" />
-          </imageobject>
-        </mediaobject>
-      </figure>
      <orderedlist>
        <listitem>
          <para>Make sure that neither uCPE device 1 nor uCPE device 2 have
@@ -273,17 +267,6 @@ tail -f /var/log/testpmd-out</programlisting>
          <para>From the drop-down list, select the PCI interface
          corresponding to the NIC which is connected to uCPE device 2:</para>
-          <figure>
-            <title>Selecting the Pktgen VNF Interface</title>
-            <mediaobject>
-              <imageobject>
-                <imagedata align="center"
-                           fileref="images/pciPass_interface.png" scale="70" />
-              </imageobject>
-            </mediaobject>
-          </figure>
        </listitem>
        <listitem>
@@ -291,17 +274,6 @@ tail -f /var/log/testpmd-out</programlisting>
          "PciPassthrough" as the Interface type. From the drop-down list,
          select the PCI interface corresponding to the NIC which is connected
          to uCPE device 1:</para>
-          <figure>
-            <title>Selecting the TestPmdForwarder VNF Interface</title>
-            <mediaobject>
-              <imageobject>
-                <imagedata align="center"
-                           fileref="images/testpmd_fwdvnf_int.png" scale="70" />
-              </imageobject>
-            </mediaobject>
-          </figure>
        </listitem>
        <listitem>
diff --git a/doc/book-enea-nfv-access-example-usecases/doc/forti_vnf_examples.xml b/doc/book-enea-nfv-access-example-usecases/doc/forti_vnf_examples.xml
index 4a9a8a5..fcb8c87 100644
--- a/doc/book-enea-nfv-access-example-usecases/doc/forti_vnf_examples.xml
+++ b/doc/book-enea-nfv-access-example-usecases/doc/forti_vnf_examples.xml
@@ -14,39 +14,38 @@
    <itemizedlist>
      <listitem>
-        <para>3 x Network Interfaces</para>
+        <para>4 x Network Interfaces</para>
      </listitem>
      <listitem>
-        <para>1 x vCPU</para>
+        <para>4 cores</para>
      </listitem>
      <listitem>
-        <para>1 GB of RAM memory</para>
+        <para>4 GB of RAM memory</para>
      </listitem>
    </itemizedlist>
    <para>The following files are needed for this example use case:</para>
    <itemizedlist>
-      <listitem>
+      <para>VNF image:</para>
-        <para>FortiGate VNF image. This file is provided by the local Fortinet
-        sales representatives in your region.</para>
-      </listitem>
      <listitem>
-        <para>FortiGate VNF license file. This file is provided by the local
+        <para>FortiGate VNF. Please contact Fortinet to get a VNF image and its license file.</para>
-        Fortinet sales representatives in your region.</para>
      </listitem>
+    </itemizedlist>
+    <itemizedlist>
+      <para>VNF Configuration files, provided with your Enea 
+        NFV Access release:</para>
      <listitem>
-        <para>FortiGate specific documentation. This is provided by the local
+        <para><filename>fortigate-basic-fw.conf</filename>.</para>
-        Fortinet sales representatives in your region.</para>
      </listitem>
      <listitem>
-        <para>FortiGate configuration example files. These files are provided
+        <para><filename>fortigate-sdwan&lt;x&gt;.conf</filename>.</para>
-        with your Enea NFV Access release.</para>
      </listitem>
    </itemizedlist>
  </section>
@@ -54,202 +53,22 @@
  <section id="fortigate_firewall_uc_1">
    <title>FortiGate VNF as a Firewall</title>
-    <para>Enea provides an example of a simple base firewall configuration for
+    <para>Enea provides an example of a simple basic firewall configuration
-    the FortiGate VNF.</para>
+    for the FortiGate VNF. FortiGate In-Band Management is a
-    <table>
-      <title>FortiGate VNF Example Configuration</title>
-      <tgroup cols="2">
-          <colspec align="center" colwidth="1*" />
-          <colspec align="center" colwidth="4*" />
-        <thead>
-          <row>
-            <entry align="center">Component</entry>
-            <entry align="center">Setting/Description</entry>
-          </row>
-        </thead>
-        <tbody>
-          <row>
-            <entry align="left">Firewall</entry>
-            <entry align="left">"All pass" mode</entry>
-          </row>
-          <row>
-            <entry align="left">WAN (Virtual Port1)</entry>
-            <entry align="left"><para>DHCP Client, dynamically assigned IP
-            address.</para><para>FortiGate In-Band
-            Management<superscript>1</superscript>.</para></entry>
-          </row>
-          <row>
-            <entry align="left">WAN (Virtual Port2)</entry>
-            <entry align="left"><para>IP address:
-            172.168.16.1</para><para>DHCP server (IP range 172.168.16.1 -
-            172.168.16.255).</para></entry>
-          </row>
-          <row>
-            <entry align="left">WAN (Virtual Port3)</entry>
-            <entry align="left">Ignored</entry>
-          </row>
-        </tbody>
-      </tgroup>
-    </table>
-    <para><superscript>1</superscript>FortiGate In-Band Management is a
    feature used for running FortiGate Management traffic over WAN.</para>
-    <para>Instructions on how to alter the default configuration are provided in section
+    <para>Instructions on how to alter the default configuration are provided
-    <olink targetdoc="book_enea_nfv_access_example_usecases"
+    in section <olink targetdoc="book_enea_nfv_access_example_usecases"
-    targetptr="fortigate_webmg">FortiGate VNF Web Management in <xi:include
+    targetptr="fortigate_webmg">FortiGate VNF Web Management in the
-    href="../../s_docbuild/olinkdb/pardoc-names.xml"
+    <xi:include href="../../s_docbuild/olinkdb/pardoc-names.xml"
    xmlns:xi="http://www.w3.org/2001/XInclude"
-    xpointer="element(book_enea_nfv_access_example_usecases/1)" /></olink>.</para>
+    xpointer="element(book_enea_nfv_access_example_usecases/1)" /></olink>
+    Manual.</para>
-    <section id="lab_setup_fortfirewall">
-      <title>Lab Setup</title>
-      <para>Before starting the configuration of the FortiGate Firewall, a lab
-      setup concerning hardware and software components has to be created. The
-      following table illustrates the requirements for this setup.</para>
-      <table>
-        <title>Lab Setup Prerequisites</title>
-        <tgroup cols="2">
-          <colspec align="center" />
-          <thead>
-            <row>
-              <entry align="center">Component</entry>
-              <entry align="center">Description/Requirements</entry>
-            </row>
-          </thead>
-          <tbody>
-            <row>
-              <entry align="left">Lab Network</entry>
-              <entrytbl cols="1">
-                <tbody>
-                  <row>
-                    <entry>DHCP enabled Lab Network.</entry>
-                  </row>
-                  <row>
-                    <entry>Internet Connectivity.</entry>
-                  </row>
-                </tbody>
-              </entrytbl>
-            </row>
-            <row>
-              <entry align="left">Setup of an Intel Whitebox uCPE
-              device</entry>
-              <entrytbl cols="1">
-                <tbody>
-                  <row>
-                    <entry>Minimum 4 Physical Network Devices.</entry>
-                  </row>
-                  <row>
-                    <entry>4 GB RAM and 4 cores (C3000 or Xeon D).</entry>
-                  </row>
-                  <row>
-                    <entry>Enea NFV Access Installed.</entry>
-                  </row>
-                  <row>
-                    <entry>WAN Connected to the Lab Network.</entry>
-                  </row>
-                  <row>
-                    <entry>LAN1 Connected to the Test Machine.</entry>
-                  </row>
-                  <row>
-                    <entry>LAN2 Unconnected.</entry>
-                  </row>
-                  <row>
-                    <entry>ETH0 connected to the Lab Network (for Enea uCPE
-                    Manager communications).</entry>
-                  </row>
-                </tbody>
-              </entrytbl>
-            </row>
-            <row>
-              <entry align="left">Setup of a Lab Machine</entry>
-              <entrytbl cols="1">
-                <tbody>
-                  <row>
-                    <entry>Connected to the Lab Network.</entry>
-                  </row>
-                  <row>
-                    <entry>Running either Windows or CentOS.</entry>
-                  </row>
-                  <row>
-                    <entry>The Enea uCPE Manager installed.</entry>
-                  </row>
-                </tbody>
-              </entrytbl>
-            </row>
-            <row>
-              <entry align="left">Setup of a Test Machine</entry>
-              <entrytbl cols="1">
-                <tbody>
-                  <row>
-                    <entry>Connected to Whitebox LAN.</entry>
-                  </row>
-                  <row>
-                    <entry>Internet Connectivity via LAN.</entry>
-                  </row>
-                  <row>
-                    <entry>Configured as the DHCP client on LAN.</entry>
-                  </row>
-                </tbody>
-              </entrytbl>
-            </row>
-          </tbody>
-        </tgroup>
-      </table>
-      <figure>
-        <title>Lab Setup Overview</title>
-        <mediaobject>
-          <imageobject>
-            <imagedata align="center" fileref="images/intel_whitebox.png"
-                       contentwidth="600" />
-          </imageobject>
-        </mediaobject>
-      </figure>
-    </section>
    <section id="exam_setup_fortifirewall">
      <title>Use-case Setup</title>
-      <para><emphasis role="bold">Network Configuration:</emphasis></para>
+      <para><emphasis role="bold">Network Configuration</emphasis>:</para>
      <para>Since the firewall uses three External Network Interfaces, three
      bridges need to be configured. Each bridge provides the ability to
@@ -273,30 +92,40 @@
      connection points for the FortiGate VNF, by replacing the OVS-DPDK
      bridges with SR-IOV connection points.</para>
-      <para>Please note that while previously three physical interfaces were 
+      <para>Please note that while previously three physical interfaces were
-        presumed necessary for VNF connection, in the case of a firewall setup 
+      presumed necessary for VNF connection, in the case of a firewall setup
-        only two physical interfaces are required for the data path 
+      only two physical interfaces are required for the data path (one for WAN
-        (one for WAN and one for LAN).</para>
+      and one for LAN).</para>
-      
-      <para>Only two interfaces will be configured as DPDK, with two bridges 
+      <para>Only two interfaces will be configured as DPDK, with two bridges
-        created, one for each type of connection.</para>
+      created, one for each type of connection.</para>
-      <note><para>At VNF instantiation instead of assigning distinct bridges for 
+      <note>
-        each LAN interface, only one will be used for both LAN1 and LAN2, 
+        <para>At VNF instantiation instead of assigning distinct bridges for
-        with no changes in WAN interface configuration.</para></note>
+        each LAN interface, only one will be used for both LAN1 and LAN2, with
-        
+        no changes in WAN interface configuration.</para>
-        <para>See the picture below for the final setup:</para>
+      </note>
-      <figure>
+      <para><emphasis role="bold">Setup of the uCPE device:</emphasis></para>
-        <title>Two-Interface Configuration</title>
+      <itemizedlist>
-        <mediaobject>
+        <listitem>
-          <imageobject>
+          <para>WAN connected to the Lab Network.</para>
-            <imagedata align="center" fileref="images/two_inst_firewall.png"
+        </listitem>
-                       contentwidth="600" />
-          </imageobject>
+        <listitem>
-        </mediaobject>
+          <para>LAN1 connected to the Test Machine.</para>
-      </figure>
+        </listitem>
+        <listitem>
+          <para>LAN2 unconnected.</para>
+        </listitem>
+        <listitem>
+          <para>ETH0 connected to the Lab Network (for Enea uCPE Manager
+          communications).</para>
+        </listitem>
+      </itemizedlist>
      <para><emphasis role="bold">Onboarding the VNF:</emphasis></para>
@@ -347,84 +176,54 @@
      <para>Instantiate the FortiGate VNF by filling the required fields with
      the following values:</para>
-      <table>
+      <itemizedlist spacing="compact">
-        <title>Instantiation Requirements</title>
+        <listitem>
+          <para><emphasis role="bold">Name</emphasis>: Name of the VM which
-        <tgroup cols="2">
+          will be created on the uCPE device.</para>
-          <colspec align="center" colwidth="1*" />
+        </listitem>
-          <colspec align="center" colwidth="4*" />
-          <thead>
-            <row>
-              <entry align="center">Field</entry>
-              <entry align="center">Description</entry>
-            </row>
-          </thead>
-          <tbody>
-            <row>
-              <entry align="left">Name</entry>
-              <entry align="left">Name of the VM which will be created on the
-              uCPE device.</entry>
-            </row>
-            <row>
-              <entry align="left">VNF Type</entry>
-              <entry align="left">Name of the onboarded VNF.</entry>
-            </row>
-            <row>
-              <entry align="left">uCPE Device</entry>
-              <entry align="left">Select the uCPE device where the VNF will be
-              instantiated.</entry>
-            </row>
-            <row>
-              <entry align="left">License file</entry>
-              <entry align="left">The FortiGate license file provided by
-              Fortinet.</entry>
-            </row>
-            <row>
-              <entry align="left">Configuration file</entry>
-              <entry align="left">The Firewall example configuration file provided
+        <listitem>
-              by Enea
+          <para><emphasis role="bold">VNF Type</emphasis>: Name of the
-              (<filename>fortigate-basic-fw.conf</filename>).</entry>
+          onboarded VNF.</para>
-            </row>
+        </listitem>
-            <row>
+        <listitem>
-              <entry align="left">Port1 - WAN</entry>
+          <para><emphasis role="bold">uCPE Device</emphasis>: Select the uCPE
+          device where the VNF will be instantiated.</para>
+        </listitem>
-              <entry align="left">Set the <literal>External Interface</literal> type to 
+        <listitem>
-                <literal>DPDK</literal> and connect it to the <literal>wanmgrbr</literal> ovs
+          <para><emphasis role="bold">License file</emphasis>: The FortiGate
-              bridge.</entry>
+          license file provided by Fortinet.</para>
-            </row>
+        </listitem>
-            <row>
+        <listitem>
-              <entry align="left">Port2 - LAN1</entry>
+          <para><emphasis role="bold">Configuration file</emphasis>: The
+          Firewall example configuration file provided by Enea
+          (<filename>fortigate-basic-fw.conf</filename>).</para>
+        </listitem>
-              <entry align="left">Set the <literal>Incoming Interface</literal> type to 
+        <listitem>
-                <literal>DPDK</literal> and connect it to the <literal>lan1</literal> ovs 
+          <para><emphasis role="bold">Port1 - WAN</emphasis>: Set the
-                bridge.</entry>
+          <literal>External Interface</literal> type to
-            </row>
+          <literal>DPDK</literal> and connect it to the
+          <literal>wanmgrbr</literal> ovs bridge.</para>
+        </listitem>
-            <row>
+        <listitem>
-              <entry align="left">Port3 - LAN2</entry>
+          <para><emphasis role="bold">Port2 - LAN1</emphasis>: Set the
+          <literal>Incoming Interface</literal> type to
+          <literal>DPDK</literal> and connect it to the
+          <literal>lan1</literal> ovs bridge.</para>
+        </listitem>
-              <entry align="left">Set the <literal>Outgoing Interface</literal> type to 
+        <listitem>
-                <literal>DPDK</literal> and connect it to the <literal>lan2</literal> ovs 
+          <para><emphasis role="bold">Port3 - LAN2</emphasis>: Set the
-                bridge.</entry>
+          <literal>Outgoing Interface</literal> type to
-            </row>
+          <literal>DPDK</literal> and connect it to the
-          </tbody>
+          <literal>lan2</literal> ovs bridge.</para>
-        </tgroup>
+        </listitem>
-      </table>
+      </itemizedlist>
    </section>
    <section id="testing_fortigate_uc_1">
@@ -455,268 +254,19 @@
  </section>
  <section id="fortigate_sdwan_vpn">
-    <title>FortiGate VNF as an SD-WAN VPN</title>
+    <title>FortiGate VNF as an SD-WAN or a VPN</title>
    <para>SD-WAN decouples the network from the management plane, detaching
    traffic management and monitoring functions from hardware. Most forms of
    SD-WAN technology create a virtual overlay that is transport-agnostic,
    i.e. it abstracts underlying private or public WAN connections.</para>
-    <para>For deployment, the user plugs in WAN links into the device,
+    <para>For deployment, the user plugs in WAN links into the device, which
-    which automatically configures itself with the network.</para>
+    automatically configures itself with the network.</para>
    <para>Example SD-WAN configurations for the FortiGate VNF are provided by
    Enea.</para>
-    <section id="prereq_forti_sdwan_vpn">
-      <title>Prerequisites</title>
-      <para>The following table illustrates the use-case prerequisites for the
-      setup:</para>
-      <table>
-        <title>Prerequisites</title>
-        <tgroup cols="2">
-          <colspec align="center" />
-          <thead>
-            <row>
-              <entry align="center">Component</entry>
-              <entry align="center">Description</entry>
-            </row>
-          </thead>
-          <tbody>
-            <row>
-              <entry align="left">Lab Network</entry>
-              <entrytbl cols="1">
-                <tbody>
-                  <row>
-                    <entry>DHCP enabled Lab Network.</entry>
-                  </row>
-                  <row>
-                    <entry>Internet Connectivity.</entry>
-                  </row>
-                </tbody>
-              </entrytbl>
-            </row>
-            <row>
-              <entry align="left">Two Intel Whitebox uCPE devices</entry>
-              <entrytbl cols="1">
-                <tbody>
-                  <row>
-                    <entry>Minimum 4 Physical Network Devices.</entry>
-                  </row>
-                  <row>
-                    <entry>4 GB RAM and 4 cores (C3000 or Xeon D).</entry>
-                  </row>
-                  <row>
-                    <entry>Enea NFV Access Installed.</entry>
-                  </row>
-                  <row>
-                    <entry>VNFMgr connected to the Lab Network for VNF management
-                    access.</entry>
-                  </row>
-                  <row>
-                    <entry>WAN interfaces directly connected through the Ethernet
-                    cable.</entry>
-                  </row>
-                  <row>
-                    <entry>LAN connected to the Test Machine.</entry>
-                  </row>
-                  <row>
-                    <entry>ETH0 connected to the Lab Network (for Enea uCPE
-                    Manager communications).</entry>
-                  </row>
-                </tbody>
-              </entrytbl>
-            </row>
-            <row>
-              <entry align="left">One Lab Machine</entry>
-              <entrytbl cols="1">
-                <tbody>
-                  <row>
-                    <entry>Connected to the Lab Network.</entry>
-                  </row>
-                  <row>
-                    <entry>Running either Windows or CentOS.</entry>
-                  </row>
-                  <row>
-                    <entry>The Enea uCPE Manager installed.</entry>
-                  </row>
-                </tbody>
-              </entrytbl>
-            </row>
-            <row>
-              <entry align="left">Two Test Machines</entry>
-              <entrytbl cols="1">
-                <tbody>
-                  <row>
-                    <entry>Connected to Whitebox LANs.</entry>
-                  </row>
-                  <row>
-                    <entry>Internet Connectivity via LAN.</entry>
-                  </row>
-                  <row>
-                    <entry>Configured as the DHCP client on LAN.</entry>
-                  </row>
-                </tbody>
-              </entrytbl>
-            </row>
-          </tbody>
-        </tgroup>
-      </table>
-    </section>
-    <section id="forti_labsetup_uc2">
-      <title>Lab Setup</title>
-      <para>The following will detail an SD-WAN setup for a branch to branch
-      connection using the FortiGate VNF. FortiGate provides native SD-WAN
-      along with integrated advanced threat protection.</para>
-      <table>
-        <title>FortiGate VNF Example Configuration - SD-WAN uCPE device
-        1</title>
-        <tgroup cols="2">
-          <colspec align="center" />
-          <thead>
-            <row>
-              <entry align="center">Component</entry>
-              <entry align="center">Description</entry>
-            </row>
-          </thead>
-          <tbody>
-            <row>
-              <entry align="left">SD-WAN</entry>
-              <entry>VPN connection between two branches (uCPE device 1 and
-              uCPE device 2).</entry>
-            </row>
-            <row>
-              <entry align="left">VNFMgr (Virtual Port1)</entry>
-              <entry>DHCP Client, dynamically assigned IP address.</entry>
-            </row>
-            <row>
-              <entry align="left">WAN (Virtual Port2)</entry>
-              <entry>IP address: 10.0.0.1</entry>
-            </row>
-            <row>
-              <entry align="left">LAN (Virtual Port3)</entry>
-              <entrytbl cols="1">
-                <tbody>
-                  <row>
-                    <entry>IP address: 172.16.1.1</entry>
-                  </row>
-                  <row>
-                    <entry>DHCP server (IP range 172.16.1.2 -
-                    172.16.1.254)</entry>
-                  </row>
-                </tbody>
-              </entrytbl>
-            </row>
-          </tbody>
-        </tgroup>
-      </table>
-      <table>
-        <title>FortiGate VNF Example Configuration - SD-WAN uCPE device
-        2</title>
-        <tgroup cols="2">
-          <colspec align="center" />
-          <thead>
-            <row>
-              <entry align="center">Component</entry>
-              <entry align="center">Description</entry>
-            </row>
-          </thead>
-          <tbody>
-            <row>
-              <entry align="left">SD-WAN</entry>
-              <entry>VPN connection between two branches (uCPE device 2 and
-              uCPE device 1).</entry>
-            </row>
-            <row>
-              <entry align="left">VNFMgr (Virtual Port1)</entry>
-              <entry>DHCP Client, dynamically assigned IP address.</entry>
-            </row>
-            <row>
-              <entry align="left">WAN (Virtual Port2)</entry>
-              <entry>IP address: 10.0.0.2</entry>
-            </row>
-            <row>
-              <entry align="left">LAN (Virtual Port3)</entry>
-              <entrytbl cols="1">
-                <tbody>
-                  <row>
-                    <entry>IP address: 172.16.2.1</entry>
-                  </row>
-                  <row>
-                    <entry>DHCP server (IP range 172.16.2.2 -
-                    172.16.2.254)</entry>
-                  </row>
-                </tbody>
-              </entrytbl>
-            </row>
-          </tbody>
-        </tgroup>
-      </table>
-      <figure>
-        <title>SD-WAN: VPN Configuration</title>
-        <mediaobject>
-          <imageobject>
-            <imagedata align="center"
-                       fileref="images/sdwan_vpn_overview_1.png" contentwidth="600" />
-          </imageobject>
-        </mediaobject>
-      </figure>
-    </section>
    <section id="forti_examsetup_uc2">
      <title>Use-case Setup</title>
@@ -725,8 +275,8 @@
      <para>Since the SD-WAN VNF uses three External Network Interfaces, three
      bridges need to be configured. Each bridge provides the ability to
      connect a physical network interface to the VM's virtual network
-        interface.</para>
+      interface.</para>
-      
      <para>Each VNF instance will have a virtual interface for VNF
      management, for the WAN network and for LAN communication.</para>
@@ -746,105 +296,96 @@
        </listitem>
      </orderedlist>
-      <para><emphasis role="bold">Onboarding the FortiGate VNF</emphasis></para>
+      <para><emphasis role="bold">Setup of an Intel Whitebox uCPE
+      device</emphasis>:</para>
-      <para>See the onboarding parameters detailed in the previous use-case above.</para>
-      <para><emphasis role="bold">Instantiating the FortiGate VNF</emphasis></para>
-      <para>Instantiate the FortiGate VNF by filling the required fields with
-      the following values:</para>
-      <table>
-        <title>Instantiation Requirements</title>
-        <tgroup cols="2">
-          <colspec align="center" colwidth="1*" />
-          <colspec align="center" colwidth="4*" />
-          <thead>
-            <row>
-              <entry align="center">Field</entry>
-              <entry align="center">Description</entry>
-            </row>
-          </thead>
-          <tbody>
-            <row>
-              <entry align="left">Name</entry>
-              <entry align="left">Name of the VM which will be created on the
-              uCPE device.</entry>
-            </row>
-            <row>
+      <itemizedlist>
-              <entry align="left">VNF Type</entry>
+        <listitem>
+          <para><literal>VNFMgr</literal>. Connected to the Lab Network for
+          VNF management access.</para>
+        </listitem>
-              <entry align="left">Name of the onboarded VNF.</entry>
+        <listitem>
-            </row>
+          <para><literal>WAN interfaces</literal>. Directly connected through
+          the Ethernet cable.</para>
+        </listitem>
-            <row>
+        <listitem>
-              <entry align="left">uCPE Device</entry>
+          <para><literal>LAN</literal>. Connected to the Test Machine.</para>
+        </listitem>
-              <entry align="left">Select the uCPE device where the VNF will be
+        <listitem>
-              instantiated.</entry>
+          <para><literal>ETH0</literal>. Connected to the Lab Network (for
-            </row>
+          Enea uCPE Manager communications).</para>
+        </listitem>
+      </itemizedlist>
-            <row>
+      <para><emphasis role="bold">Onboarding the FortiGate
-              <entry align="left">License file</entry>
+      VNF</emphasis>:</para>
-              <entry align="left">The FortiGate license file provided by
+      <para>See the onboarding parameters detailed in the previous use-case
-              Fortinet.</entry>
+      above.</para>
-            </row>
-            <row>
+      <para><emphasis role="bold">Instantiating the FortiGate
-              <entry align="left">Configuration files</entry>
+      VNF</emphasis>:</para>
-              <entry align="left">The SD-WAN example configuration files provided
+      <para>Instantiate the FortiGate VNF by filling the required fields with
-              by Enea:
+      the following values:</para>
-              <literal>fortigate-sdwan1.conf</literal>
-              <literal>fortigate-sdwan2.conf</literal></entry>
-            </row>
-            <row>
+      <itemizedlist spacing="compact">
-              <entry align="left">Port1 - VNFMgr</entry>
+        <listitem>
+          <para><emphasis role="bold">Name</emphasis>: Name of the VM which
+          will be created on the uCPE device.</para>
+        </listitem>
-              <entry align="left">Set the type to <literal>DPDK</literal> and connect it to the
+        <listitem>
-              <literal>vnfmgrbr</literal> bridge.</entry>
+          <para><emphasis role="bold">VNF Type</emphasis>: Name of the
-            </row>
+          onboarded VNF.</para>
+        </listitem>
-            <row>
+        <listitem>
-              <entry align="left">Port2 - WAN</entry>
+          <para><emphasis role="bold">uCPE Device</emphasis>: Select the uCPE
+          device where the VNF will be instantiated.</para>
+        </listitem>
-              <entry align="left">Set the type to <literal>DPDK</literal> and connect it to the
+        <listitem>
-              <literal>wanbr</literal> bridge.</entry>
+          <para><emphasis role="bold">License file</emphasis>: The FortiGate
-            </row>
+          license file provided by Fortinet.</para>
+        </listitem>
-            <row>
+        <listitem>
-              <entry align="left">Port3 - LAN</entry>
+          <para><emphasis role="bold">Configuration file</emphasis>: The
+          SD-WAN example configuration files provided by Enea:
+          <literal>fortigate-sdwan1.conf</literal> and
+          <literal>fortigate-sdwan2.conf</literal>.</para>
+        </listitem>
-              <entry align="left">Set the type to <literal>DPDK</literal> and connect it to the
+        <listitem>
-              <literal>lanbr</literal> bridge.</entry>
+          <para><emphasis role="bold">Port1 - VNF Mgr</emphasis>: Set the type
-            </row>
+          to <literal>DPDK</literal> and connect it to the
-          </tbody>
+          <literal>vnfmgrbr</literal> bridge.</para>
-        </tgroup>
+        </listitem>
-      </table>
-      <orderedlist>
        <listitem>
-          <para>Instantiate the FortiGate VNF on uCPE device 1 using the
+          <para><emphasis role="bold">Port2 - WAN</emphasis>: Set the type to
-          <literal>sdwan1</literal> example configuration file.</para>
+          <literal>DPDK</literal> and connect it to the
+          <literal>wanbr</literal> bridge.</para>
        </listitem>
        <listitem>
-          <para>To complete the branch-to-branch setup, configure <literal>uCPE device
+          <para><emphasis role="bold">Port3 - LAN</emphasis>: Set the type to
-          2</literal> in the same way as <literal>uCPE device 1</literal>. Make sure to
+          <literal>DPDK</literal> and connect it to the
-          use the <literal>sdwan2</literal> configuration file for the second VNF
+          <literal>lanbr</literal> bridge.</para>
-          instantiation.</para>
        </listitem>
-      </orderedlist>
+      </itemizedlist>
+      <para>Instantiate the FortiGate VNF on uCPE device 1 using the
+      <literal>sdwan1</literal> example configuration file.</para>
+      <para>To complete the branch-to-branch setup, configure <literal>uCPE
+      device 2</literal> in the same way as <literal>uCPE device 1</literal>.
+      Make sure to use the <literal>sdwan2</literal> configuration file for
+      the second VNF instantiation.</para>
    </section>
    <section id="forti_test_uc2">
@@ -914,16 +455,16 @@ virsh console &lt;id of FortiGate VNF&gt;</programlisting>
      </listitem>
      <listitem>
-        <para>Browse through the configuration and perform changes
+        <para>Browse through the configuration and perform changes according
-        according to your setup:</para>
+        to your setup:</para>
        <figure>
          <title>The FortiGate VNF Web Management Interface</title>
          <mediaobject>
            <imageobject>
-              <imagedata align="center"
+              <imagedata align="center" contentwidth="600"
-                         fileref="images/fortinet_interface.png" contentwidth="600" />
+                         fileref="images/fortinet_interface.png" />
            </imageobject>
          </mediaobject>
        </figure>
@@ -954,11 +495,6 @@ virsh console &lt;id of FortiGate VNF&gt;</programlisting>
            at the next FortiGate VNF instantiation.</para>
          </listitem>
        </orderedlist>
-        <note>
-          <para>Editing the default configuration is only recommended for
-          FortiGate configuration experts.</para>
-        </note>
      </listitem>
    </orderedlist>
  </section>
diff --git a/doc/book-enea-nfv-access-example-usecases/doc/inband_management.xml b/doc/book-enea-nfv-access-example-usecases/doc/inband_management.xml
deleted file mode 100644
index a27075c..0000000
--- a/doc/book-enea-nfv-access-example-usecases/doc/inband_management.xml
+++ /dev/null
@@ -1,237 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<chapter id="inband_management">
-  <title>In-band Management Example Use-case</title>
-  <para>In the case of an NFV Access device installed on a network with
-  limited access, In-band management can be a solution to manage the device
-  and to pass data traffic (through only one physical interface). This example
-  use-case will show how to enable In-band management on the NFV Access
-  device and to access a VNF on the same physical interface.</para>
-  <section id="inband_mg_uc_preq">
-    <title>Prerequisites</title>
-    <para>System requirements for the uCPE device:</para>
-    <itemizedlist>
-      <listitem>
-        <para>1 x Network Interface for WAN and management.</para>
-      </listitem>
-      <listitem>
-        <para>1 x Network Interface for LAN.</para>
-      </listitem>
-    </itemizedlist>
-    <note>
-      <para>No other physical port for In-band management can be used.
-      <remark>FIXME: What does this mean?</remark></para>
-    </note>
-    <para>The following files are needed for this example use case:</para>
-    <itemizedlist>
-      <listitem>
-        <para>FortiGate VNF image. This file is provided by the local Fortinet
-        sales representatives in your region.</para>
-      </listitem>
-      <listitem>
-        <para>FortiGate VNF license file. This file is provided by the local
-        Fortinet sales representatives in your region.</para>
-      </listitem>
-      <listitem>
-        <para>FortiGate specific documentation. This is provided by the local
-        Fortinet sales representatives in your region.</para>
-      </listitem>
-      <listitem>
-        <para>FortiGate configuration example files. These files are provided
-        with your Enea NFV Access release.</para>
-      </listitem>
-    </itemizedlist>
-  </section>
-  <section id="inband_mg_fortivnf_uc">
-    <title>In-band Management Activation</title>
-    <para>In-band management activation is done by creating a special bridge
-    which manages all traffic from the WAN interface. The active physical port
-    of the device (used by the device manager to communicate with the uCPE
-    Manager) will be connected to the In-band management bridge.</para>
-    <para>Once the In-band management bridge is activated, communication to
-    the uCPE Manager will be reactivated, passing through the bridge.</para>
-    <para>For further details, please see <olink targetdoc="book_enea_nfv_access_getting_started"
-  targetptr="in_band_managemen">in_band_managemen in <xi:include
-  href="../../s_docbuild/olinkdb/pardoc-names.xml"
-  xmlns:xi="http://www.w3.org/2001/XInclude"
-  xpointer="element(book_enea_nfv_access_getting_started/1)" /></olink>.</para>
-    <figure>
-      <title>NFV Access In-band management solution setup</title>
-      <mediaobject>
-        <imageobject>
-          <imagedata align="center" fileref="images/uc_ibm_solution_test.png"
-                     contentwidth="600" />
-        </imageobject>
-      </mediaobject>
-    </figure>
-    <section id="inband_examuc_setup">
-      <title>Use-case Setup</title>
-      <para><emphasis role="bold">Network Configuration:</emphasis></para>
-      <orderedlist>
-        <listitem>
-          <para>Create an In-band management WAN Bridge (set
-          <literal>dpdkWan</literal> as the bridge type).</para>
-        </listitem>
-        <listitem>
-          <para>Bind the physical network interface that will be used for LAN
-          access to the <literal>DPDK</literal>.</para>
-        </listitem>
-        <listitem>
-          <para>Create a LAN Bridge and attach the DPDK LAN interface.</para>
-        </listitem>
-      </orderedlist>
-      <note>
-        <para>The WAN port of the very first VNF instantiated on the device
-        must be connected to the <literal>WAN</literal> bridge. All other VNFs
-        must be connected in chain with the first VNF.</para>
-      </note>
-      <para><emphasis role="bold">Onboarding the VNF:</emphasis></para>
-      <para>See onboarding parameters in <xref linkend="fortigate_firewall_uc_1" />.</para>
-      <para><emphasis role="bold">Instantiating the VNF:</emphasis></para>
-      <para>Instantiate the FortiGate VNF by filling the required fields with
-      the following values:</para>
-      <table>
-        <title>Instantiation Requirements</title>
-        <tgroup cols="2">
-          <colspec align="center" colwidth="1*" />
-          <colspec align="center" colwidth="4*" />
-          <thead>
-            <row>
-              <entry align="center">Field</entry>
-              <entry align="center">Description</entry>
-            </row>
-          </thead>
-          <tbody>
-            <row>
-              <entry align="left">Name</entry>
-              <entry align="left">Name of the VM which will be created on the
-              uCPE device.</entry>
-            </row>
-            <row>
-              <entry align="left">VNF Type</entry>
-              <entry align="left">Name of the onboarded VNF.</entry>
-            </row>
-            <row>
-              <entry align="left">uCPE Device</entry>
-              <entry align="left">Select the uCPE device where the VNF will be
-              instantiated.</entry>
-            </row>
-            <row>
-              <entry align="left">License file</entry>
-              <entry align="left">The FortiGate license file provided by
-              Fortinet.</entry>
-            </row>
-            <row>
-              <entry align="left">Configuration file</entry>
-              <entry align="left">The Firewall example configuration file provided
-              by Enea
-              (<filename>fortigate-basic-fw.conf</filename>).</entry>
-            </row>
-            <row>
-              <entry align="left">Port1 - WAN</entry>
-              <entry align="left">Set the <literal>External Interface</literal> type to 
-                <literal>DPDK</literal> and connect it to the <literal>ibm-wan-br</literal> ovs
-              bridge.</entry>
-            </row>
-            <row>
-              <entry align="left">Port2 - LAN1</entry>
-              <entry align="left">Set the <literal>Incoming Interface</literal> type to 
-                <literal>DPDK</literal> and connect it to the <literal>lan-br</literal> ovs 
-                bridge.</entry>
-            </row>
-            <row>
-              <entry align="left">Port3 - LAN2</entry>
-              <entry align="left">Set the <literal>Outgoing Interface</literal> type to 
-                <literal>DPDK</literal> and connect it to the <literal>lan-br</literal> ovs 
-                bridge.</entry>
-            </row>
-          </tbody>
-        </tgroup>
-      </table>
-    </section>
-    <section id="test_fortvnf_inband">
-      <title>Testing the Use-case</title>
-      <para>Once the VNF is instantiated, the setup is complete and ready for
-      testing. Connect the test machine to the LAN port. It will receive an IP
-      address from the FortiGate VNF and be able to access the
-      internet.</para>
-      <para>At this stage, three types of traffic are passing through the WAN
-      port on the same IP address:</para>
-      <itemizedlist>
-        <listitem>
-          <para>Device management traffic from the uCPE Manager.</para>
-        </listitem>
-        <listitem>
-          <para>FortiGate management interface traffic from a web
-          browser.</para>
-        </listitem>
-        <listitem>
-          <para>Data traffic from the LAN to the internet.</para>
-        </listitem>
-      </itemizedlist>
-      <para>If you have access from the uCPE Manager to the device as shown
-      above, this demonstrates that device management traffic passes through
-      the In-band management WAN bridge successfully.</para>
-      <para>To access the management interface of the VNF, connect from a web
-      browser to the public IP address of the device e.g.
-      <literal>https://&lt;IP&gt;</literal>. From a Test machine connected on
-      the LAN port, try a test ping to the internet e.g. "ping
-      8.8.8.8".</para>
-    </section>
-  </section>
-</chapter>
diff --git a/doc/book-enea-nfv-access-example-usecases/doc/introduction.xml b/doc/book-enea-nfv-access-example-usecases/doc/introduction.xml
index 74c11f3..456ab50 100644
--- a/doc/book-enea-nfv-access-example-usecases/doc/introduction.xml
+++ b/doc/book-enea-nfv-access-example-usecases/doc/introduction.xml
@@ -4,10 +4,10 @@
  <para>This document describes several example use-cases concerning uCPE
  configuration, onboarding and instantiation of certain VNFs, VNF chaining,
-  and In-band management.</para>
+  etc.</para>
  <note>
-    <para>Before running any example make sure the uCPE device(s) have been
+    <para>Before running any example use case make sure the uCPE device(s) have been
    added to the uCPE Manager and placed on the map.</para>
    <para>For detailed information on how to add a device to the uCPE Manager,
@@ -18,4 +18,8 @@
    xpointer="element(book_enea_nfv_access_getting_started/1)" />
    Manual.</para>
  </note>
-</chapter>
-\ No newline at end of file
+  
+  <para>Examples presented in this document use 3rd-party VNFs, which
+  are not provided by Enea. To procure and use these VNF image files and license files,
+  where applicable, please contact the VNF provider.</para>
+</chapter>
diff --git a/doc/book-enea-nfv-access-example-usecases/doc/vnf_chaining.xml b/doc/book-enea-nfv-access-example-usecases/doc/vnf_chaining.xml
index 27b83aa..f58e252 100644
--- a/doc/book-enea-nfv-access-example-usecases/doc/vnf_chaining.xml
+++ b/doc/book-enea-nfv-access-example-usecases/doc/vnf_chaining.xml
@@ -14,33 +14,49 @@
  <section id="preq_chaining">
    <title>Prerequisites</title>
+    <para>System requirements for the uCPE device:</para>
+    <itemizedlist>
+      <listitem>
+        <para>3 x Network Interfaces</para>
+      </listitem>
+      <listitem>
+        <para>4 GB of RAM memory</para>
+      </listitem>
+    </itemizedlist>
    <para>The following files are needed for this example use case:</para>
    <itemizedlist>
+      <para>VNF images:</para>
      <listitem>
-        <para><filename>vSRX-Site&lt;x&gt;.iso</filename>. The Juniper vSRX
+        <para>Fortigate VNF.</para>
-        VNF image, as the Cloud-Init files. This VNF image is not provided by
-        Enea. Please contact Juniper to get this image.</para>
      </listitem>
      <listitem>
-        <para>Fortigate VNF image. This image is provided by Enea.</para>
+        <para>Juniper vSRX VNF.</para>
      </listitem>
+    </itemizedlist>
+    <para>For VNF images and their license files, please contact the
+    VNF provider.</para>
+    <itemizedlist>
+      <para>VNF Configuration files, provided with your Enea
+      NFV Access Release:</para>
      <listitem>
-        <para><filename>vSRX-domain-update-script</filename>. This file is
+        <para><filename>vSRX-domain-update-script</filename>.</para>
-        provided by Enea.</para>
      </listitem>
      <listitem>
-        <para><filename>FortiFW-Site&lt;x&gt;.conf</filename> as the
+        <para><filename>vSRX-Site&lt;x&gt;.conf</filename>.</para>
-        Cloud-Init file(s). This file is provided by Enea.</para>
      </listitem>
      <listitem>
-        <para>License file(s) as the Cloud-Init content in the Cloud-Init tab.
+        <para><filename>FortiFW-Site&lt;x&gt;.conf</filename>.</para>
-        For license files for the VNFs, please contact the VNF
-        provider.</para>
      </listitem>
    </itemizedlist>
  </section>
@@ -58,27 +74,10 @@
    <para>Optionally, one additional device (PC/laptop) can be connected on
    the LAN port of each branch to run LAN-to-LAN connectivity tests.</para>
-    <figure>
-      <title>VNF Chaining with FortiGate Setup</title>
-      <mediaobject>
-        <imageobject>
-          <imagedata align="center" fileref="images/example_setup.png"
-                     scale="88" />
-        </imageobject>
-      </mediaobject>
-    </figure>
-    <note>
-      <para>For simplicity, the image above does not present the
-      management-plane, which will be described in the Setup steps.</para>
-    </note>
    <section id="exam_setup_chain">
      <title>Use-case Setup</title>
-      <para><emphasis role="bold">Configuring Network Interfaces on uCPE
+      <para><emphasis role="bold">Network Configuration</emphasis>:</para>
-      devices:</emphasis></para>
      <para>Both branches in the example have similar setups, therefore
      necessary step details are presented for only one branch. The second
@@ -135,16 +134,17 @@
        </listitem>
      </orderedlist>
-      <para><emphasis role="bold">Onboarding the VNFs:</emphasis></para>
+      <para><emphasis role="bold">Onboarding the VNFs</emphasis>:</para>
      <orderedlist>
        <listitem>
-          <para>Onboard Juniper vSRX using the VNF Onboarding Wizard:</para>
+          <para>Onboard Juniper vSRX using the VNF by filling the required
+          fields with the following values:</para>
          <itemizedlist>
            <listitem>
-              <para>The Flavor selected must have at least 2 vCPUs and 4 GB
+              <para>The Flavor selected must have at least 2 CPUs and 4 GB RAM
-              RAM since vSRX is quite resource consuming.</para>
+              since vSRX is quite resource consuming.</para>
              <para>Tested-inhouse with 4 vCPUs/ 6 GB RAM.</para>
            </listitem>
@@ -166,8 +166,8 @@
          <itemizedlist>
            <listitem>
-              <para>The Flavor selected can be quite light in resources, e.g.
+              <para>The Flavor selected can be quite light in resource
-              1 vCPU and 2 GB RAM.</para>
+              consumption, e.g. 1 CPU and 2 GB RAM.</para>
            </listitem>
            <listitem>
@@ -203,6 +203,11 @@
            <listitem>
              <para>Use <filename>vSRX-Site1.iso</filename> as the Cloud-Init
              file.</para>
+              <note>
+                <para>Please follow the Juniper's documentation to create
+                <filename>vSRX-Site1.iso</filename> file.</para>
+              </note>
            </listitem>
            <listitem>
@@ -300,17 +305,16 @@
      established and LAN to LAN visibility can be verified by connecting one
      device on each uCPE LAN port.</para>
    </section>
-  </section>
-  <section id="test_setup">
+    <section id="test_setup">
-    <title>Testing the Use-case</title>
+      <title>Testing the Use-case</title>
-    <para>Before testing LAN to LAN connectivity, preliminary tests of service
+      <para>Before testing LAN to LAN connectivity, preliminary tests of
-    can be run to ensure everything was set up properly. For instance, by
+      service can be run to ensure everything was set up properly. For
-    connecting to vSRX CLI (any site), one can test IKE security
+      instance, by connecting to vSRX CLI (any site), one can test IKE
-    associations:</para>
+      security associations:</para>
-    <programlisting>root@Atom-C3000:~ # cli
+      <programlisting>root@Atom-C3000:~ # cli
 root@Atom-C3000&gt; show security ike security-associations
 Index   State  Initiator cookie  Responder cookie  Mode           Remote Address
 1588673 UP     2f2047b144ebfce4  0000000000000000  Aggressive     10.1.1.2
@@ -318,91 +322,71 @@ Index   State  Initiator cookie  Responder cookie  Mode           Remote Address
 root@Atom-C3000&gt; show security ike security-associations index 1588673 detail
 ...</programlisting>
-    <para>Also, from the vSRX CLI, a user can check that the VPN tunnel was
+      <para>Also, from the vSRX CLI, a user can check that the VPN tunnel was
-    established and get statistics of the packets passing the tunnel:</para>
+      established and get statistics of the packets passing the tunnel:</para>
-    <programlisting>root@Atom-C3000&gt; show security ipsec security-associations
+      <programlisting>root@Atom-C3000&gt; show security ipsec security-associations
 ...
 root@Atom-C3000&gt; show security ipsec statistics index &lt;xxxxx&gt;
 ...</programlisting>
-    <para>From the Fortigate Firewall CLI on Site 1, one can check
+      <para>From the Fortigate Firewall CLI on Site 1, one can check
-    connectivity to the remote Fortigate FW (from Site 2):</para>
+      connectivity to the remote Fortigate FW (from Site 2):</para>
-    <programlisting>FGVM080000136187 # execute ping 192.168.168.2
+      <programlisting>FGVM080000136187 # execute ping 192.168.168.2
 PING 192.168.168.2 (192.168.168.2): 56 data bytes
 64 bytes from 192.168.168.2: icmp_seq=0 ttl=255 time=0.0 ms
 64 bytes from 192.168.168.2: icmp_seq=1 ttl=255 time=0.0 ms
 64 bytes from 192.168.168.2: icmp_seq=2 ttl=255 time=0.0 ms
 ...</programlisting>
-    <para>Since VNF management ports were configured to get IPs through DHCP,
+      <para>Since VNF management ports were configured to get IPs through
-    the user can use a Web-based management UI to check and modify the
+      DHCP, the user can use a Web-based management UI to check and modify the
-    configuration settings of both vSRX and Fortigate.</para>
+      configuration settings of both vSRX and Fortigate.</para>
-    <para>For example, in the case of vSRX, from the VNF CLI you can list the
+      <para>For example, in the case of vSRX, from the VNF CLI you can list
-    virtual interfaces as below:</para>
+      the virtual interfaces as below:</para>
-    <programlisting>root@Atom-C3000&gt; show interfaces terse
+      <programlisting>root@Atom-C3000&gt; show interfaces terse
 ...
 fxp0.0                  up    up   inet     172.24.15.92/22
 gre                     up    up
 ipip                    up    up
 ...</programlisting>
-    <para>When using provided configurations, the VNF management port for
+      <para>When using provided configurations, the VNF management port for
-    Juniper vSRX is always <literal>fxp0.0</literal>.</para>
+      Juniper vSRX is always <literal>fxp0.0</literal>.</para>
-    <para>In the case of Fortigate, from the VNF CLI you can list the virtual
+      <para>In the case of Fortigate, from the VNF CLI you can list the
-    interfaces as such:</para>
+      virtual interfaces as such:</para>
-    <programlisting>FGVM080000136187 # get system interface
+      <programlisting>FGVM080000136187 # get system interface
 == [ port1 ]
 name: port1   mode: dhcp  ip: 172.24.15.94 255.255.252.0   status: up netbios-forward:
 disable      type: physical   netflow-sampler: disable    sflow-sampler: disable...
 ...</programlisting>
-    <para>When using provided configurations, the VNF management port for
+      <para>When using provided configurations, the VNF management port for
-    Fortigate is always <literal>port1</literal>.</para>
+      Fortigate is always <literal>port1</literal>.</para>
-    <para>If functionality is as intended, LAN-to-LAN connectivity can be
+      <para>If functionality is as intended, LAN-to-LAN connectivity can be
-    checked (through the VPN tunnel) by using two devices (PC/laptop)
+      checked (through the VPN tunnel) by using two devices (PC/laptop)
-    connected to the LAN ports of each uCPE. Optionally, these devices can be
+      connected to the LAN ports of each uCPE. Optionally, these devices can
-    simulated by using Enea's sample VNF running on both uCPEs and connected
+      be simulated by using Enea's sample VNF running on both uCPEs and
-    to the <literal>lan_br</literal> on each side. Please note that
+      connected to the <literal>lan_br</literal> on each side. Please note
-    instructions for onboarding and instantiating this VNF is not in the scope
+      that instructions for onboarding and instantiating this VNF is not in
-    of this document.</para>
+      the scope of this document.</para>
-    <para>Since Fortigate VNF, which is acting as router and firewall, is
+      <para>Since Fortigate VNF, which is acting as router and firewall, is
-    configured to be the DHCP server for the LAN network, the device interface
+      configured to be the DHCP server for the LAN network, the device
-    connected to the uCPE LAN port has to be configured to get dinamically
+      interface connected to the uCPE LAN port has to be configured to get
-    assigned IPs. These IPs are in the 172.0.0.0/24 network for Site1 and the
+      dinamically assigned IPs. These IPs are in the 172.0.0.0/24 network for
-    172.10.10.0/24 network for Site2. Therefore, site-to-site connectivity can
+      Site1 and the 172.10.10.0/24 network for Site2. Therefore, site-to-site
-    be checked (from Site1) as such:</para>
+      connectivity can be checked (from Site1) as such:</para>
-    <programlisting>root@atom-c3000:~# ping 172.10.10.2
+      <programlisting>root@atom-c3000:~# ping 172.10.10.2
 PING 172.10.10.1 (172.10.10.2): 56 data bytes
 ...</programlisting>
+    </section>
  </section>
+</chapter>
-  <section id="limitations">
-    <title>Limitations</title>
-    <para>Below is a list of known limitations:</para>
-    <itemizedlist>
-      <listitem>
-        <para>The vSRX VNF has no trust-to-untrust and untrust-to-trust
-        policies (only trust-to-vpn and vpn-to-trust were configured).
-        Therefore, uCPEs were not configured for a "direct Internet access"
-        use-case.</para>
-      </listitem>
-      <listitem>
-        <para>The Fortigate VNF has no "real" firewall policies set, i.e. all
-        traffic from LAN is allowed to pass through the WAN interface and
-        vice-versa.</para>
-      </listitem>
-    </itemizedlist>
-  </section>
-</chapter>
-\ No newline at end of file
author	Sona Sarmadi <sona.sarmadi@enea.com>	2019-10-07 13:43:34 +0200
committer	Miruna Paun <Miruna.Paun@enea.com>	2019-10-11 15:12:53 +0200
commit	c809d907776503d4bdae0056a78ebb4d8840d559 (patch)
tree	22aac1ec36f5503217b3e47f36b79e412b858753
parent	a5ce1952613df9f1286c2be8cfe81b625b7b7bbf (diff)
download	el_releases-nfv-access-c809d907776503d4bdae0056a78ebb4d8840d559.tar.gz