After years of being bound to proprietary, expensive hardware/software bundles, organizations were excited by the prospect of software-defined networking (SDN) and network functions virtualization (NFV). Each of these approaches offers a new freedom and flexibility, but they’ve languished as promise and reality have met in the data center. The industry-disrupting potential of NFV and SDN is tempered by challenges that still must be overcome.
Enterprises, mobile operators and data centers have historically built their network infrastructure mainly on custom-designed physical hardware and software. Examples include network gateways; switches; routers; network load balancers; mobile applications in the mobile core and radio access network, such as vEPC (virtual evolved packet core), vCPE (virtual customer-premises equipment), vRAN (virtual radio access network); and security applications such as firewalls, NGFW, IDS/IPS, SSL/IPSec offload appliances, DLP, and antivirus applications—to name just a few.
Traditionally, operators have had to buy and deploy custom networking devices for these varied applications. The vision behind NFV is that operators would be able to support these functions as software applications, called virtual network functions (VNFs), running on virtual machines or in containers on standard servers rather than buying proprietary appliances to run each networking application. Moving away from discrete custom architectures to a more consolidated “x86-only architecture” promises to reduce costs, simplify deployment and management of networking infrastructure, widen supplier choice, and ultimately, enable horizontal scale-out in the networking and security market.
Most often, it’s an unrealistic assumption that applications in software on standard platforms will meet the throughput and latency demands without allocating considerable CPU resources. Operators are realizing that the cost savings of NFV are offset by the need to deploy entire racks of compute resources for a problem that a single appliance could previously solve. The CPU and server costs, rack space, and power required to meet the same performance footprint of a dedicated solution end up being as expensive as or more than custom-designed alternatives. The vision of operational simplicity and dramatically lower total cost of ownership are still a dream on the horizon.
The Complicating Factor of 5G
As 5G networks become a reality, operators will confront even greater performance and scaling problems with their generic NFV infrastructure (NFVi). The move to 5G brings new requirements to mobile networks, creating its own version of hyperscale networking that’s necessary to meet the technology’s performance goals, but at the right economy scale. Numerous factors are fundamentally unique to 5G networks compared with previous 3G/4G instantiations of mobile protocols. The shorter the distance, the higher the frequency—thus, the more bandwidth that the wireless network can handle.
In lockstep with the emergence of 5G is a skyrocketing number of users/devices (both human and IoT), which fundamentally affects the number of unique flows in the network and necessitates very low latency. This new technology also promises lower energy and cost than previous mobile technologies. These 5G goals, when realized, will drive the application of wireless communications to completely new areas.
The Power of Smart NICs
To scale virtual networking functions to meet performance goals, operators must deploy data-plane acceleration based on FPGA-based smart NICs. This technique offloads the x86 processors that are hosting the varied VNFs to support the promised breadth of services.
It turns out that using smart NICs to accelerate virtual switching is the highest-performing and most secure method of deploying VNFs. Virtual machines (VMs) can use accelerated packet I/O and guaranteed traffic isolation via hardware while maintaining vSwitch capability. FPGA-based smart NICs specialize in the match/action processing required for vSwitches and can offload critical security processing, freeing up CPU resources for VNF applications. Functions such as virtual switching, flow classification, filtering, intelligent load balancing and encryption/decryption can all be performed in the smart NIC and offloaded from the x86 processor housing the VNFs while, through technologies like VirtIO, remaining transparent to the VNF, providing a common management and orchestration layer to the network fabric.
A New Architecture
Running network and security solutions that are fixed function, hardened, expensive, slow to maneuver and costly to operate is no longer viable. The technique to overcome the challenges facing NFV deployments requires reconfigurable computing platforms based on standard servers. Also, these servers must be capable of offloading and accelerating compute-intensive workloads using either an in-line or look-aside model to appropriately distribute workloads between x86 general-purpose processors and software-reconfigurable FPGA-based smart NICs optimized for virtual environments.
Network applications can operate at hundreds of gigabits of throughput with support for many millions of simultaneous flows when general-purpose COTS server platforms are coupled with FPGA-based smart NICs that support the most demanding requirements. With this unique architecture exploiting the benefits of COTS hardware for networking applications, the NFV vision isn’t over the horizon; it’s clearly attainable. A reconfigurable computing-platform architecture enables organizations to take part in software-defined and virtualized computing without sacrificing performance.
About the Author
Daniel Proch is VP of product management at Napatech and has over 20 years’ experience in the IT and networking industry. Before joining Napatech in 2017, Daniel was senior director of product management and solutions architecture at Netronome. Before that, he was manager of network solutions and principal engineer, office of the CTO, at Ericsson. He has an M.S. in information science/telecommunications from the University of Pittsburgh and a B.S. in mechanical engineering from Carnegie Mellon University.