Thank you to everyone who joined SDxCentral for its latest DemoFriday featuring 6WIND on improving network function virtualization (NFV) performance. In this presentation, 6WIND showed us the results of their NFV Performance Report and went in depth about the performance results for 6WIND’s new Speed Series family. After the demo, 6WIND was nice enough to take some questions from the attendees. Read the whole Q&A from the 6WIND DemoFriday below and see how you can improve your NFV performance!
What role does OVS play in 6WIND architecture?
6WIND: OVS is one of the protocols accelerated by the 6WIND Virtual Accelerator, among other virtual switching and virtual networking protocols required to support all kinds of virtual infrastructure deployment scenarios. This includes standard L2 scenarios based on OVS or Linux bridge, but also more complex ones, including OpenStack Distributed Virtual Routing and VPN as a service. As a matter of fact, L3 support in the compute node is mandatory for hyper-scale clouds with over 100K servers to avoid Network Node single point of failure and scalability issues.
Technically speaking, 6WIND Virtual Accelerator offloads data plane processing from Linux, transparently to the existing Linux technology. For OVS, this means that standard tools such as ovs-vsctl, OpenFlow controllers or OpenStack continue to configure the standard OVS of Linux and transparently benefit from Virtual Accelerator’s packet processing speed up.
Compared to standard Linux, and depending on the use case, OVS performance is increased by up to eight times, and CPU core usage on the hypervisor is divided by up to 10.
What would performance be like if the router runs as VM?
6WIND: 6WIND Turbo Router performance is the same in bare metal or VM.
The bottleneck when run as a VM is the virtual switch technology. With a standard Linux, virtual switch performance per core is poor and does not scale when cores are added. An alternative is to use SR-IOV or PCI passthrough to dedicate NICs to VMs, but in that case L2/L3 processing in the virtual switch is lost (required by OpenStack scenarios for example), and high throughput service chaining use cases are limited by the bandwidth of the PCI bus.
6WIND Virtual Accelerator provides virtual switching and networking acceleration to make efficient use of hypervisor CPU cores, so that VM performance is not limited by the virtual switch anymore. It also provides high performance Virtio drivers to support existing VMs.
The upcoming SDxCentral benchmark report will include detailed performance results about 6WIND Turbo Appliances performance when run as VMs on top of 6WIND Virtual Accelerator, including comparison with standard Linux.
Will there be any change in performance results if VMs are spun using OpenStack instead of qemu-kvm command?
6WIND: Performance is the same when the VMs are started manually using qemu-kvm or automatically using OpenStack. To enable high performance networking in an OpenStack environment, 6WIND contributes to integration of VIF drivers for high performance vNIC backends (vhost-user). Other OpenStack services remain unchanged.
Can you show how performance degrades as you add feature processing mix? Also, is it gradual or is there steep drop-off in the performance degradation?
6WIND: 6WIND protocols have been written from scratch with high performance packet processing on multicore architectures in mind. The algorithms are lockless and the number of cache misses are minimized. Therefore, performance per core is maximized and scales when cores are added. We know the number of CPU cycles required by each protocol to process a packet, which allows us to estimate quite accurately the performance when features are mixed together. Performance numbers are provided on our web site for various protocols, and we have additional numbers available on request. We would be happy to answer any specific request.
Does your IP stack run in user space?
6WIND: Yes, on Intel architectures. The 6WIND networking stack is a user land application that leverages the DPDK for high performance I/Os and adds more than 50 networking protocols on top of it. These protocols have been written from scratch with high performance packet processing on multicore architectures in mind.
The 6WIND networking stack also supports Broadcom XLP, EZChip TILE-Gx and soon IBM Power8, where it also runs in user land. On Cavium OCTEON, the 6WIND networking stack runs in a non-Linux execution environment called simple executive.
Can the 6WIND router be used in an Openstack DVR architecture by replacing OVS with 6WIND?
6WIND: 6WIND Virtual Accelerator provides virtual switching and networking acceleration. This includes OVS and Linux bridge acceleration for the switching part, and also filtering, NAT, virtual routing (netns) and more that are required by DVR. As far as we know, 6WIND Virtual Accelerator is the only virtual switch acceleration solution that supports advanced OpenStack use cases such as DVR, involving filtering, NAT, security groups, and others.
Beyond switching, which feature does the Virtual Accelerator implement?
6WIND: In addition to virtual switching based on OVS or the Linux bridge, 6WIND Virtual Accelerator supports a complete set of networking protocols to provide a complete virtual networking infrastructure, including but not limited to: VLAN, VXLAN, virtual routing (netns), filtering, and NAT. It also provides high performance Virtio drivers to support existing VMs. 6WIND Virtual Accelerator has been tested with many OpenStack scenarios, including L2, L3, Distributed Virtual Routing, and security groups.
Does 6WIND have a ML2 plugin for neutron?
6WIND: No. Existing ML2 mechanisms for OVS or the Linux bridge transparently benefit from 6WIND Virtual Accelerator performance without any modification. 6WIND only contributes to integration of VIF drivers for high performance vNIC backends (vhost-user). Other OpenStack services remain unchanged.
Can a person manage this from any existing orchestrator?
6WIND: Yes. 6WIND products are transparent to management and orchestration technologies as they are based on standard Linux and transparently provide packet processing acceleration. 6WIND Virtual Accelerator has been tested with OpenStack, OpenDaylight, Nuage, HP NFV Director, and our ecosystem will extend in the future.
Is this VMware ESXI compliant? What are other virtualizer systems compliant with the 6WIND platform?
6WIND: 6WIND Virtual Accelerator focuses on Linux QEMU/KVM. We have validated with RHEL 7.1 OSP5 and OSP6, Ubuntu 14.04, RDO, OpenStack IceHouse, and Juno. We keep the list updated as new releases come up.
In an OpenStack environment, will OVS performance become the bottleneck that limits the 6WIND performance or is OVS no longer in the picture ?
6WIND: OpenStack uses standard Linux features, such as OVS or the Linux bridge. The Linux kernel is a bottleneck for high performance networking in virtual environments. This is why acceleration solutions are required. 6WIND Virtual Accelerator offloads data plane processing from Linux in order to remove these bottlenecks. And this is done transparently to the existing Linux technologies such as ovs-vsctl, OpenStack, OpenDaylight, etc.
Note that accelerating OVS is necessary but not sufficient. Virtual infrastructure deployments (with OpenStack DVR for example) will involve many features in addition to switching, such as filtering, NAT, virtual routing (netns) and more. For VPNaaS and interconnection of data centers, IPsec will be required, too. As far as we know, 6WIND Virtual Accelerator is the only technology supporting acceleration of these additional features.
What do you usually use for L2 control protocols?
6WIND: 6WIND Virtual Accelerator is fully transparent to Linux, so that any Linux control plane protocol can be used to configure the data path and benefit from Virtual Accelerator performance.
Does 6WIND have similar tests results for accelerated OVS?
6WIND: Yes, we have done extensive testing for our accelerated OVS solution showing wire speed performance with 240 Gbps throughput. Watch the demo video here. We also have demo videos for our Turbo Router software running as a VM on top of our Virtual Accelerator’s accelerated OVS solution and Turbo IPsec software also running as a VM on top of our Virtual Accelerator’s accelerated OVS solution.