The ideas behind Software-Defined Networking (SDN) and Network Functions Virtualization (NFV), each in their own right, have been around in the industry for many years. They have garnered significant interest in the marketplace as methods to break the vertical market stranglehold that vendors have had on networking hardware and software products and associated technologies. Yet the disruption that SDN and NFV promise still faces hurdles and shortcomings, real or perceived, that must be overcome before either reaches its full potential.
In the past, data centers, mobile operators and enterprises have built their network infrastructure mainly based on custom-designed, physical hardware and software. Example applications include network gateways, switches, routers, network load balancers, varied mobile applications in the mobile core and radio access network such as vEPC (virtual evolved packet core), vCPE (virtual customer premise equipment), vRAN (virtual Radio Access Network) and security applications like firewalls, NGFW, IDS/IPS, SSL/IPsec offload appliances, DLP and antivirus applications, to name just a few.
To summarize the idea behind NFV: rather than procuring and deploying a custom, proprietary networking appliance for each of these varied applications, operators would prefer to support these functions as software applications, called virtualized network functions (VNFs), running on virtual machines or in containers on standard servers. Moving away from discrete, customized architectures to a more consolidated “x86-only architecture” promises to reduce costs, simplify deployment and management of networking infrastructure, widen supplier choice and, ultimately, enable horizontal scale-out in the networking and security market.
In many instances today, it is simply unrealistic to assume that applications running in software on standard platforms can meet the throughput and latency demands placed on them without throwing significant CPU resources at the problem. Operators are realizing that the cost savings that NFV promises are offset by the need to throw entire racks of compute resources at a problem that a single appliance could previously support. The CPU and server costs, rack space and power required to meet the same performance footprint as a dedicated solution end up being as expensive as, or more expensive than, custom-designed alternatives. The vision of dramatically lower total cost of ownership and operational simplicity is still a dream on the horizon.
5G driving the need to reimagine your network
5G networks will only exacerbate the performance and scaling problems that operators face with generic NFV infrastructure (NFVi). The move to 5G brings new requirements to mobile networks, creating its own version of hyperscale networking that is needed to meet the performance goals for the technology, but at the right economic scale. Numerous factors are fundamentally unique to 5G networks when compared to previous 3G/4G instantiations of mobile protocols. The shorter the distance, the higher the frequency – thus, the more bandwidth that can be driven over the wireless network.
Also fundamental to 5G is a massive increase in the number of users/devices (both human and IoT), which fundamentally affects the number of unique flows in the network and necessitates very low latency. 5G also promises lower energy/cost than previous mobile technologies. These 5G goals, when realized, will drive the application of wireless communications to completely new areas.
The solution: offload
To meet these stringent requirements, operators have realized that scaling virtualized network functions (VNFs) to meet performance goals requires dataplane acceleration based on FPGA-based SmartNICs. This technique offloads work from the x86 processors that host the varied VNFs, so that they can support the breadth of services promised.
SmartNIC acceleration of virtual switching proves to be the highest-performing and most secure method of deploying VNFs. Virtual machines (VMs) can use accelerated packet I/O and guaranteed traffic isolation via hardware while maintaining vSwitch functionality. FPGA-based SmartNICs specialize in the match/action processing required for vSwitches and can offload critical security processing, freeing up CPU resources for VNF applications. Functions like virtual switching, flow classification, filtering, intelligent load balancing and encryption/decryption can all be performed in the SmartNIC and offloaded from the x86 processor housing the VNFs. Through technologies like VirtIO, this offload remains transparent to the VNF and provides a common management and orchestration layer to the network fabric.
The days of fixed-function, hardened, expensive, slow-to-maneuver and costly-to-operate networking and security solutions are gone. Overcoming the challenges facing NFV deployments requires reconfigurable computing platforms based on standard servers capable of offloading and accelerating compute-intensive workloads, in either an inline or a look-aside model, to appropriately distribute workloads between x86 general-purpose processors and software-reconfigurable, FPGA-based SmartNICs optimized for virtualized environments.
By coupling general-purpose COTS server platforms with FPGA-based SmartNICs that are capable of supporting the most demanding requirements, network applications can operate at hundreds of gigabits of throughput with support for many millions of simultaneous flows. With this unique architecture leveraging the benefits of COTS hardware for networking applications, the vision of NFV is not over the horizon but is clearly attainable.
For companies that want to live in the world of software-defined and virtualized computing without trading off performance, this reconfigurable computing platform architecture will allow them to reimagine their networks and businesses by bringing hyper-scale computing benefits to their networks and deploying new applications and services at the speed of software.
About the author
Daniel Proch is VP of product management at Napatech, and has over 20 years’ experience in the IT and networking industry. Prior to joining Napatech in 2017, Daniel was Sr. director of product management and solutions architecture at Netronome. Prior to that he was manager of network solutions and principal engineer, office of the CTO at Ericsson. He has an MS in Information Science/Telecommunications from the University of Pittsburgh and a BS in Mechanical Engineering from Carnegie Mellon University.