This week, 6WIND announced extensions to the 6WINDGate™ networking software that deliver a 10x performance improvement for virtual switches. In partnership with other industry-leading SDN companies, we will be demonstrating at the Open Networking Summit the use of 6WINDGate for virtual switch acceleration to address a critical performance challenge within OpenFlow-based cloud and telecom data centers.
Why is the virtual switch a key technology and how it should evolve to meet the performance challenges of SDN-based data centers?
There are today two major trends in data center networking.
- Network architecture scalability requires low-cost, high-performance network appliances. SDN transforms the business model for network appliances, replacing the traditional, vertically-integrated physical appliance model characterized by proprietary software running on proprietary hardware. It’s now possible to develop first software-based appliances then virtual appliances using generic hardware platforms, typically x86, based on general purpose processors with virtual networking appliance software running in a virtualized environment.
- Because of the performance improvement of the new generation of multicore processors and the introduction of 40Gbps Ethernet, we can expect a massive growth in the number of VMs per server. As a consequence, the data center network needs to expand beyond its current limit at the Top-of-Rack (ToR), to a model where a virtual switch on each server blade is used to distribute the increasing volume of network traffic to virtualized applications.
In both examples, the software virtual switch function that distributes the network traffic to the different VMs within either the network appliance (case 1) or the server (case 2) becomes critical.
Open vSwitch, the open source version of the virtual switch function, is now included as part of the Linux kernel and is available in most popular distributions. Open vSwitch features are summarized here. It implements Layer 2 and encapsulation mechanisms, brings the necessary features to virtualize network resources and also supports a number of features that allow a network control system to dynamically adjust resources as the environment changes.
There are today some available technologies to improve the performance of the data plane of a virtual switch on a server platform.
First of all, the performance of processors based on multicore technology has significantly increased and we can expect the next generation of servers will be more powerful, thanks to the inclusion of more sockets and the integration of more cores per processor.
Secondly, Intel released its Data Plane Development Kit (Intel® DPDK) software. The DPDK library enables the design of high performance networking software based on either pipelined or run-to-completion architectures. It runs in Linux userspace, providing optimizations for Intel® architecture platforms such as data plane libraries, optimized NIC drivers (queue and buffer management, packet flow, classification, poll-mode NIC drivers along with a simple API Interface and standard tool chain) and a run-time environment (low overhead, run-to-completion model optimized for fastest possible data plane performance).
Running a virtual switch on the Intel DPDK architecture is a first approach to improve switching capabilities compared to a standard Linux implementation. However, 6WIND is now able to provide a solution that removes the performance bottlenecks of a virtual switch while scaling linearly on a large number of cores.
6WIND has developed its virtual switch acceleration by reusing the architecture concepts of 6WINDGate based on the separation of the data plane and the control plane to maximize data plane performance.
To ensure maximum networking performance on standard hardware platforms, 6WINDGate integrates the Intel® DPDK software library, which enables high-performance packet processing on Intel® Xeon processors. 6WINDGate also includes a range of virtualization-oriented performance enhancements to the standard Intel® DPDK.
Packet processing functions such as Layer 2 switching are performed in a fast path environment, running on dedicated processor cores outside the OVS kernel. This avoids the overheads and latencies associated with the OVS kernel. Unlike the standard OVS, the performance of 6WINDGate scales linearly based on the number of cores configured to run the fast path, even if these cores are distributed across multiple processors.
The 6WINDGate fast path architecture is totally transparent to the control plane. No changes are required to OVS when 6WINDGate is used. 6WINDGate monitors standard OVS data plane calls, intercepting appropriate packets and processing them in the fast path, transparently to the OVS control plane.
As a consequence, 6WINDGate is fully compatible with the OpenFlow protocol. This includes control plane configuration support as well as OpenFlow-specific data plane functions and actions. 6WINDGate is also compatible with the other configuration protocols implemented by OVS.
6WINDGate provides acceleration capabilities beyond Layer 2 switching. The growth in East-West traffic means that high-bandwidth VM-to-VM communication (VM2VM) is mandatory. To isolate and secure VM2VM, however, requires secure tunneling services, running on the virtual switch, that extend beyond the basic Layer 2 features provided by a typical virtual switch. 6WINDGate accelerates VLAN, GRE, etc. and can provide security features such as IPsec using either software or hardware crypto acceleration.
This chart compares the performance in millions packets per second 6WINDGate can achieve compared to a standard OVS. It shows 6WINDGate provides a 5x performance improvement on a single core and it scales much better to reach a 10x performance improvement on 10 cores.
The significant acceleration of a virtual switch on a standard Intel server platform will enable the deployment of a large number of virtual machines on a server as well as the deployment of the new generation of workloads that will have to process more network data in a secure environment.
We will be happy to welcome you to our booth number 401 at the Open Networking Summit in mid-April to show you our demo.