Post on 06-Aug-2015
V1.0 | ©6WIND 2014. All rights reserved. All brand names, trademarks and copyright information cited in this presentation shall remain the property of its registered owners.
SPEED MATTERS
V1.0 | 2©6WIND 2014
Network Architecture Transformation Towards Virtualization
Proprietary Hardware
Platform
Application
Proprietary Hardware
Platform
Application
Proprietary Hardware
Platform
Application
Applic
ation
Applic
ation
Applic
ation
Linux Has Bottlenecks
The Hardware Is Ready
Virtual Apps Are Limited
10/40/100G Server
Hypervisor
V1.0 | 3©6WIND 2014
The Promise of NFV
High Performance Data Plane is required to compete with
legacy architectures
Bring Network
Performance To
Virtualization
Replace
Expensive
Network
Equipment
V1.0 | 4©6WIND 2014
Performance Requirements for NFV
Hypervisor
Virtual Machine
Application
Linux
Virtual Machine
Application
Windows
Virtual Machine
Application
Any
OS
Virtual Machine
Application
Any
OS
Hardware Independence
High Performance East-West Communications
Throughput
V1.0 | 5©6WIND 2014
Limitations of Virtual Switching
Virtual Machine
Application
Linux
Virtual Machine
Application
Windows
Virtual Machine
Application
Any
OS
Virtual Machine
Application
Any
OS
High Performance East-West Communications
Hypervisor
Virtual Switch
Throughput
Hardware Independence
V1.0 | 6©6WIND 2014
Limitations of Single Root I/O Virtualization (SR-IOV)
Virtual Machine
Application
Linux
Virtual Machine
Application
Windows
Virtual Machine
Application
Any
OS
Virtual Machine
Application
Any
OS
High Performance East-West Communications
SR-IOVHypervisor
Hardware Independence
Throughput
V1.0 | 7©6WIND 2014
6WINDGate Packet Processing Software: High Performance, Transparency, Portability, Features
Fastest performance on the market; in both
physical and virtual environments
Transparent, no change to OS, hypervisor and
management (OpenStack)
Available across all market-leading platforms
Native support for layer 2 - 4 network protocols
Multicore Processor Platform
Fast
PathNetwork Stack
Control Plane
Fast
Path
Fast
Path
Fast
Path
V1.0 | 8©6WIND 2014
Networking
Stack
Control
Plane
Fast
Path
Transparent to Operating System
?Local
info
Local
info
Fast path packet
Continuous
synchronization
Exception packet
Synchronization
modules
V1.0 | 9©6WIND 2014
Linux Kernel
Fast Path
Linux / Fast Path
Synchronization
Orchestration
Existing Linux
applications are not
modified
Developing new
applications is pure
Linux development
Linux distribution
& hypervisor is not
modified
Linux running 6WINDGate is Linux
Networking
Control Plane
Quagga
Monitoring
3rd party and
customer
applications
V1.0 | 10©6WIND 2014
6WINDGate Removes Performance Bottlenecks
Perf
orm
an
ce
(Mil
lio
ns O
f P
ackets
Per
Seco
nd
)
...Fast Path Cores
...
Increase OS
stability by
offloading resource
intensive mundane
tasks Standard Linux
Becomes
Unstable
Performance benefits
scale with the
number of
processing cores
1 2 3 8 9 10 ...
V1.0 | 11©6WIND 2014
Ethernet
NICs
Transparent operation;
no change to OS,
hypervisor and
management
Solution available on
market-leading
processors and
software environments
Incremental path to new
architectures thanks to
support of a large
choice of NICs
6WIND at the Heart of a Rich and Open Ecosystem
Smart
NICs
OS and
Hypervisor
Processors
Hardware Platforms
DPDK
V1.0 | 12©6WIND 2014
6WINDGate Deployment Options
Linux
Application Software
Physical Network
Appliance
Virtual Machine
Linux (Guest OS)
Application Software
Software Network
Appliance
VM
Hypervisor
Linux (Host OS)
Virtualized Network
Appliance
VM
Any OS…
V1.0 | 13©6WIND 2014
Linux Userland
Linux Kernel
Linux Networking Stack
Fast P
ath
6WINDGate IP Forwarding
Architecture
Multicore Processor Platform
FP
N-S
DK
Forwarding
IPv4/IPv6
Other FP
modules
Shared memory
L3
forwarding
table
L2 ARP/NDP
table
Forwarding
IPv4/IPv6
statistics
L3
forwarding
table
L2 ARP/NDP
table
Linux / fast path
synchronization
(statistics)
Forwarding table
updatesNetlink
notifications
Routing
protocol
Linux / fast path
synchronization
(configuration)
V1.0 | 14©6WIND 2014
6WINDGate IP forwarding
performance
9.57 Mpps per core
Up to 226.83 Mpps with 40 cores
Performance scales linearly
with the number of cores
configured to run the fast
path.
Performance is independent
of frame size.
Intel IP Forwarding
Test Results
V1.0 | 15©6WIND 2014
Linux Userland
Linux Kernel
Linux Networking Stack
6WINDGate IPsec
Architecture
Multicore Processor Platform
IPsec SPD IPsec SADLinux / fast path
synchronization
(statistics)
Fast P
ath
IPsec
IPv4/IPv6
Other FP
modules
Shared memory
IPsec SPD
IPsec SAD
IPsec
IPv4/IPv6
statistics
Security table
updatesNetlink
notifications
IKEv1/v2Linux / fast path
synchronization
(configuration)
FP
N-
SD
K
Crypto
DP
DKIntel®
QuickAssist
Crypto
Intel® Multi-
Buffer Crypto
Cavium
NITROX SDK
5.X Crypto
V1.0 | 16©6WIND 2014
6WINDGate IPsec performance
(AES-128 HMAC-SHA1)
5.24 Gbps per core
for 1420B packets
Up to 193.27 Gbps using 40 cores
Performance scales linearly
with the number of cores
configured to run the fast path
Intel Multi-Buffer IPsec
Test Results
V1.0 | 17©6WIND 2014
Linux Kernel
Fast Path
Linux Userland
Linux Networking Stack
6WINDGate OVS Acceleration
Architecture
Multicore Processor Platform
FP
N-
SD
K
Open
vSwitch
Flow Table
Bridge
interfaces
Linux / fast path
synchronization
(statistics)
Flow table
updatesNetlink
notifications
Open vSwitch
Control Plane
Linux / fast path
synchronization
(configuration)
OpenFlow
Controller
Shared memory
OVS
Acceleration
Flow Table
Bridge
interfaces
OVS
Acceleration
statistics
OVS
Acceleration
LAG
Filtering
IPsec
VLAN
Other
protocols
V1.0 | 18©6WIND 2014
6WINDGate OVS L2
switching performance
6.8 Mpps per core
Nearly 70 Mpps using 10
cores (20 threads)
Performance scales
linearly with the number of
cores configured to run
the fast path.
Performance is
independent of frame size.
6WINDGate Accelerated OVS:
Over 10x Performance over Standard Linux
V1.0 | 19©6WIND 2014
Linux Userland
Linux Kernel
Linux Networking
Stack
Fast P
ath
6WINDGate TCP/UDP Termination
Architecture
Multicore Processor Platform
FP
N-S
DK
TCP/UDP termination
Shared memory
TCP/UDP
configuration
TCP/UDP
statistics
TCP stack
Linux socket
API
TCP
application
Other FP
modulesForwarding
IPv4/IPv6
TCP proxy TCP serverOther TCP
applications
Fast path
socket API
V1.0 | 20©6WIND 2014
Bandwidth performance remains stable with 5M active concurrent sockets
Performance is limited by IXIA capacity (using 15 cores)
6WINDGate TCP/UDP Termination
Bandwidth Benchmarks
V1.0 | 21©6WIND 2014
Typical Performance Bottlenecks
Hypervisor
Virtual Switch
Driver Level Bottleneck
Virtual Switch Bottleneck
Communication Bottleneck - Host vs Guest OS
Virtual Machine Bottleneck
Virtual
MachineApplication
Software
Virtual
MachineApplication
Software
Server Platform
V1.0 | 22©6WIND 2014
Drivers for Virtual Appliance
• 6WIND drivers for high performance
communications
• Standard drivers for existing Virtual
Appliances
• Extensible for all OSs
Virtual
Appliance
(DPDK-
based)
Virtual
Appliance
(Linux-
based)
Virtual
Appliance
(Other
OSs)
Virtio
Guest
PMD
Virtio
Guest
Linux
Virtio
Guest
6WINDGate Brings Networking Performance to Virtualized
Architectures
Fast
vNIC
PMD
NICs
Virtual Acceleration
• 6WIND drivers for high performance
communications
• Accelerated virtual switch and
bridging
• Extended network services
• Dpdk.org with multi-vendor NIC
support
Fast vNIC
PMD
Virtio Host
PMD
Intel PMD Mellanox PMD Emulex PMD
IPsecFiltering
NAT
Forwarding
OVS Acceleration
Ethernet Bridge
VLAN VXLAN
GRE LAG
Fast
vNIC
Linux
Fast
vNIC
V1.0 | 23©6WIND 2014
Fast P
ath IPv4/IPv6
Forwarding
MPLS/VPLS
Encapsulation
IPv4/IPv6
Multi-cast
Filtering
IPv4/IPv6
IPsec SVTI
VLANLink
Aggregation
NAT
GRE
TCP/UDP
Termination
Flow
Inspection
L2TP/ PPPoE
BRASGTP-UVXLAN
Tunneling
(IPinIP)
IPsec
IPv4/IPv6
Ethernet
Bridging
6WINDGate Module List for High Performance VNFs
Dis
trib
ute
d A
rch.
Fast path
extensions
Control
plane
extensions
Contr
ol P
lane
BFD SMR
L2TP,
PPPoE
BRAS
Routing /
Virtual
Routing
OVS Security
VRRP LACPVPN
Monitoring Hig
h A
vaila
bili
ty
LACP
Firewall /
NAT
Routing
ARP / NDP
DP
DK
Fast vNIC PMD
VMXNET3
Guest VMware
PMD
Intel®
QuickAssist
Crypto
VIRTIO Guest
XEN-KVM PMD
Intel® Multi-
Buffer Crypto
Cavium
NITROX SDK
5.X Crypto
Mellanox
ConnectX® -3
EN Series PMD
FP
N-S
DK
OVS
Acceleration
Emulex
OCE14000
Series PMD
QoS
Hardware
platform
independenceModular
virtualization
extensions
Complete
protocol portfolio
for VNFsGeneric
software
V1.0 | 24©6WIND 2014
VM
Any
OS
VM
Any
OS
VM
Linux
(Guest OS)
Application
Software
Hypervisor
6WINDGate NFV Solution
6WINDGate
networking data
plane technology
to develop high
performance
Virtual Network
Functions (VNFs).
…
1
6WIND Virtual
Accelerator for NFV
Infrastructure (NFVI)
based on virtual
switch acceleration.
2
Virtual
Accelerator
V1.0 | 25©6WIND 2014
VM
Any OS
VM
Any OS
VM
Any OS
1. 6WIND Virtual Accelerator for NFVI
Virtual
Accelerator
Hypervisor
Network hardware
independence for seamless
hardware upgrades
Support for Open vSwitch
and Linux Bridge with no
modifications
Complete virtual networking
infrastructure and multi-tenancy
High bandwidth for VM
performance, density and
communications
Transparent OpenStack
orchestration support
Physical NICs
V1.0 | 26©6WIND 2014
High performance Layer 2 – 4 packet processing software for
generic servers providing over 10x network performance vs.
standard software architecture
Extends Data Plane Development Kit (DPDK) with support for multi-
vendor NICs and crypto acceleration
Transparently accelerates Linux and virtualized networks
No impact on management
Applications: vRouter, vBRAS, vEPC, vCPE, vIPsec Gateways…
2. 6WINDGate for High Performance VNFs
V1.0 | 27©6WIND 2014
Service Provider Use Case:
6WINDGate Enables the Cost- Effective Transition to NFV
Virtualization of core
functions
Centralization of
access functions in
the core
Equivalent
performance for
physical and virtual
implementations
¼ cost vs physical
equipment
Server Platform
Virtual Machine
Hypervisor
Virtual Switch
Virtual Network
Function
Linux
Server Platform
Virtual Machine
Hypervisor
Virtual Switch
Virtual Network
Function
Linux
Server Platform
Virtual Machine
Hypervisor
Virtual Switch
Virtual Network
Function
Linux
V1.0 | 28©6WIND 2014
6WINDGate for EPC and vEPC
VM
PCEF,
ADC…
EPC vEPC
MME
SGW
PGW
Linux
PGW Application Software
VM
Mgmt
VM
MME
VM
SGW
VM
PGW
NFV InfrastructureHypervisor
Develop high performance
EPC in bare metal and
virtualized environments
Open high performance
networking platform for
NFVI based on virtual
switch acceleration
Develop high performance
EPC in bare metal
environments
Modularity and availability on
different hardware platforms
enable a progressive transition
from EPC to vEPC
V1.0 | 29©6WIND 2014
Cloud Provider Use Case:
6WINDGate Reduces VM TCO and Enables New Services
Increase VM
density
Increase
individual VM
performance
Enable new
services
No impact on
management
VM VM
Fast Path
6WINDGate DPDK
Fast vNIC PMD
OVS
Acceleration
Filtering
NAT
VM
VM VM
Leverage 40 G ports to
reduce costs by 75% per
port Fast Path
6WINDGate DPDK
Fast vNIC PMD
OVS
Acceleration
Filtering
NAT
VM
VM
VM
VM
VM
VM
VM
VM
VM
V1.0 | 30©6WIND 2014
Enterprise Use Case: Appliance Virtualization
Appliances are based on specialized
architectures
Rigid
High development costs
Long time-to-market
6WIND Virtual Accelerator enables
flexibility brought by virtualization and
removes Linux networking
performance bottlenecks on standard
servers
IPS
IPsec
GWFirewall
Load
Balancer
IPSIPsec
GW
Load
BalancerFirewall
Virtual
Accelerator
V1.0 | 31©6WIND 2014
VM
Linux
(Guest OS)
6WIND NFV Solution for vCDN
6WINDGate TCP
stack to develop
high performance
vCDN
applications.…
6WIND Virtual
Accelerator for NFV
Infrastructure (NFVI).
Virtual
Accelerator
Hypervisor
1
CDN Software
2
VM
Linux
(Guest OS)
CDN Software
V1.0 | 32©6WIND 2014
VM
Any OS
VM
Any OS
VM
Any OS
6WIND Virtual Accelerator Advantage
NICs
Virtual
Accelerator
Hypervisor
Network hardware
independence for seamless
hardware upgrades
Support for Open vSwitch
and Linux Bridge with no
modifications
Complete virtual networking
infrastructure
High bandwidth for VM
performance, density and
communications
Transparent OpenStack
orchestration support
V1.0 | 33©6WIND 2014
OpenStack Nova API
Instanciate VIF (Virtual Interface) to connect VMs to the host’s vSwitch (vNICs: (A) and (Q)) - virtio
OpenStack Neutron API
Get the networking configuration from the user’s intents and configure the datapath from the phyiscal ports to the vNICs
Example:
Linux Bridge
OVS
OpenDaylight
Alcatel Nuage
etc.
OpenStack networking
https://www.rdoproject.org/images/c/cc/Neutron_architecture.pngPerformance?
? ?
V1.0 | 34©6WIND 2014
Compute Nodes Neutron Diagram
dnsmasq
VM 1
eth0
tapYY…
qbrXX
qvbXX
br-int
qvoXX
qr-yyy
br-ex
eth0
qg-yyy
br-tun
eth1
patch-int
patch-tun
External Network
virtio / vhost device
Linux Bridge
veth Pair
OVS
Physical Interface
Network Namespace
OpenStack compute node (host)
tapzzz
IP
IP
IP
IP
qrouter-aaaa
qdhcp-bbbb
6WINDGate
6WINDGate
fast path
PMD PMD
PMD
V1.0 | 35©6WIND 2014
Compute
Node
Standard VM/VNF
(DPDK, Linux,
other OS)
Virtio
240Gbps 6WIND Virtual Accelerator
throughput on 12 cores of Xeon E5-2697 v2
@ 2.70GHz
1 core provides a 20Gbps Virtual Accelerator
bandwidth
Examples on a dual socket / 24 cores server
120Gbps North-South traffic delivered to standard
VMs or VNFs with 12 cores remaining for VMs
40Gbps North-South traffic with 20 cores remaining
for VMs
40Gbps North-South traffic and 160Gbps East-
West traffic for service chaining
6WIND Virtual Accelerator in OpenStack Compute Node
Standard VM/VNF
(DPDK, Linux,
other OS)
Virtual Accelerator
Physical
NICs
Virtual Switching
Open
vSwitch
Linux
Bridge
Multi-tenancy
GRE
VXLAN
VLAN
Virtual Networking
IP Fwd
VRFFiltering
NATLAG
Host
DriversVirtio
Virtio
V1.0 | 36©6WIND 2014
Network Node 240Gbps 6WIND Virtual Accelerator
throughput on 6 cores of Xeon E5-2697 v2 @
2.70GHz
1 core provides a 40 Gbps Virtual
Accelerator bandwidth
Examples
40Gbps North-South traffic on a dual socket / 24
cores server hosting both Network and Compute
Node on 6 cores, with 18 cores remaining for VMs
240Gbps North-South traffic on a single socket / 8
cores server feeding six 40Gbps Compute Nodes,
each hosting a 160Gbps service chain
6WIND Virtual Accelerator in OpenStack Network Node
Virtual Accelerator
Virtual Switching
Open
vSwitch
Linux
Bridge
Virtual Networking
IP Fwd
VRFFiltering
NATLAG
Multi-tenancy
GRE
VXLAN
VLAN
Physical
NICs
Host
DriversVirtio
V1.0 | 37©6WIND 2014
Vanilla Openstack - Linux Router + Linux Open vSwitch
x86 server with
4x10G Ports
Hypervisor
Linux Based
Virtual Machine
Open
vSwitch
IP Router7
Gbps
V1.0 | 38©6WIND 2014
7 Gbps
Boost Neutron with 6WIND’s Virtual Accelerator
x86 server with
4x10G Ports
Hypervisor
Virtual
Machine
Open
vSwitch
40
Gbps
Virtual
Accelerator
V1.0 | 39©6WIND 2014
6WIND Virtual Accelerator Integration
Enable NFV and Virtual Networking
Network Hardware Independence
Accelerated Open vSwitch or
Linux Bridging
High Bandwidth for VM Performance,
Density and Communications
Simple Integration for Turbo
Appliances and Third Party VMS
Hypervisor
Physical NICs
VM
Any OS
Turbo IPsecTurbo Router
V1.0 | 40©6WIND 2014