Sandeep Shah, Director of Systems Architecture, EZchip Technologies

Linley Data Center Conference, February 5-6, 2014

Challenges in Implementing High-Performance SDN and NFV Systems

© 2016 Mellanox Technologies 2

EZchip Overview

Fabless semiconductor company, NASDAQ listed (EZCH) Leading provider of Network Processors (NPUs) to the Carrier Ethernet (CE) market,

especially for edge routers EZchip is a strategic supplier to the top Carrier Ethernet vendors Recently announced the NPS, a revolutionary line of NPUs

• For next generation L2-7 router line cards, data center and cloud • Enabling new scalable architectures for SDN & NFV • 256 C-programmable Task Optimized Processors, 4K virtual threads • Large set of hardware and algorithmic accelerations • Integrates EZchip’s highly differentiated TM technology

EZchip founded in 1999; 200 employees, 160 in R&D in Israel Global offices in Israel (HQ); San Jose, CA; Boston, MA; and China Strong financial model; $191M in cash, no debt

© 2016 Mellanox Technologies 3

The Promise of SDN & NFV

SDN &

NFV

Improve network agility and operational efficiency

Reduce CAPEX & OPEX

Deliver secure functionality to thousands of tenants across dozens of datacenters

© 2016 Mellanox Technologies 4

New Network Architectures

SDN Decoupling data from control plane

NFV Decoupling software from hardware

Separate but complementary architectures

Data Plane Virtual networks

Control Plane Centralized

Software Virtual functions

Hardware Common platform

Virtualize also the network resources (in addition to compute and storage)

© 2016 Mellanox Technologies 5

Carrier Network Example

CPE

Customer Premise Equipment

CPE

CPE

CPE

PE

Provider Edge

PE

IP Backbone

Mobile Core

Network Functions

Network Functions

Network Functions

Enterprise Data

Center

Enterprise Branch

Enterprise Branch

Residences

security, load balance, DPI, monitoring

Build out data center capacity

Internet

Data Center

TOR Servers

SAN Spine Switches

© 2016 Mellanox Technologies 6

CPE

Customer Premise Equipment

CPE

CPE

CPE

PE

Provider Edge

PE

IP Backbone

Mobile Core

Network Functions

Network Functions

Network Functions

Enterprise Data

Center

Enterprise Branch

Enterprise Branch

Residences

security, load balance, DPI, monitoring

Data Center

Internet

Virtualizing mobile core functions

TOR

SAN Spine Switches

Carrier Network Example

Servers

vMobile Core

© 2016 Mellanox Technologies 7

CPE

Customer Premise Equipment

CPE

CPE

CPE

PE

Provider Edge

PE

IP Backbone

Network Functions

Network Functions

Network Functions

Enterprise Data

Center

Enterprise Branch

Enterprise Branch

Residences

security, load balance, DPI, monitoring

Internet

Virtualizing the network functions

TOR

SAN Spine Switches

Data Center

Carrier Network Example

Servers

vMobile Core vNFs

© 2016 Mellanox Technologies 8

CPE

Customer Premise Equipment

CPE

CPE

CPE

PE

Provider Edge

PE

IP Backbone

Enterprise Data

Center

Enterprise Branch

Enterprise Branch

Residences

Internet

vCPE Virtualizing the CPE

TOR

SAN Spine Switches

Data Center

Carrier Network Example

Servers

vMobile Core vNFs

© 2016 Mellanox Technologies 9

PE

Provider Edge

PE

IP Backbone

Enterprise Data

Center

Enterprise Branch

Enterprise Branch

Residences

Internet

Iaas / Paas

Data Center

TOR

SAN Spine Switches

Data Center

vCPE Virtualizing Enterprise DC

vNFs

Carrier Network Example

Servers

vMobile Core

© 2016 Mellanox Technologies 10

Implementation Challenges

NFV creating large server overhead • Most or all server cycles spent on networking functions • Performance does not scale much beyond 10G • Performance cliffs due to cache and TLB misses causing unpredictable behavior • vSwitch per server adds huge network management overhead

Fixed function networking silicon lacks critical capabilities • Lacks support for large number of addresses, flows, tunnels, buffering, security, QoS, sophisticated

traffic management • ACLs becoming more complex, not just basic 5-tuple anymore

- Requirements of 1K ACLs per VM, 40 VMs per server, 40 servers per rack yields 1.6M ACLs per rack - No switch can support that

• Unable to support new standards, features, protocols; features are burned in the silicon

© 2016 Mellanox Technologies 11

SDN & NFV Drive SW Solutions

Software solutions: Programmable

(e.g. CPUs & NPUs)

Hardcoded solutions: Fixed function ASICs

SDN & NFV

© 2016 Mellanox Technologies 12

SDN & NFV Network Challenges

Performance and Scalability: Data Path

Acceleration Load

Balancing Performance Monitoring

Many vSwitches

Many Subscribers

Reliability: High Availability

Faults & Correlation

Health Monitoring

Security: Tenants Services Functions

© 2016 Mellanox Technologies 13

Need to Accelerate

L2/3 switching & routing

Network overlay

termination

TCP termination

Security

DPI

Service chaining

Scaling to millions of

flows

Classification & ACL

Traffic Management

© 2016 Mellanox Technologies 14

Required

L2/3 switching & routing

Network overlay

termination

TCP termination

Security

DPI

Service chaining

Scaling to millions of

flows

Traffic Management

High-performance, feature-rich,

easily-programmed NPU to integrate within the

NFV & SDN framework

Classification & ACL

© 2016 Mellanox Technologies 15

NPS NPU for Smart Networks

L2/3 switching & routing

Network overlay

termination

TCP termination

Security

DPI

Service chaining

Scaling to millions of

flows

Traffic Management

Introducing the NPS

Classification & ACL

© 2016 Mellanox Technologies 16

NPS NPU performance

with CPU programmability

Introducing the NPS-400

400 Gbps C-programmable

Security and DPI hardware

acceleration Linux OS

Layer 2 - Layer 7 processing

© 2016 Mellanox Technologies 17

NPS-400 Key Features 400Gbps all layer C-programmable NPU

• 600Mpps wire speed with up to 960Gbps oversubscription On chip Traffic Manager & VOQ

• 1M queues, 5-level H-QoS 960Gbps of network I/O

• Including 1GE, 10GE, 40GE, 100GE, 400G ILKN and PCIe Gen 3.0 Integrated EFA (Ethernet Fabric Adaptor)

• Enables a full line card on a chip 256xCTOP processors with 4K HW threads at 1GHz core speed

• Native algorithmic instructions for efficient execution • 4K-way SMP Data Plane Linux, run to complete architecture with no SW overhead

Supports various inline services via dedicated HW accelerators • Security: IPSec/SSL encryption & decryption at 200Gbps • DPI: C-programmable RegEx stream content processing at 200Gbps

On-chip TCAM with TCAM algorithmic extension to external DRAM • Scales to millions of ACL rules

Based on commodity DDR3 & DDR4 memory providing up to 96GB • Virtually unlimited tables, states, counters at wire-speed performance

© 2016 Mellanox Technologies 18

NPS: Optimized for Data Plane

Parallel Performance

• Optimized for server architecture • Designed for highest single-thread performance • General purpose capabilities • Best for control plane and general purpose applications

• Optimized for networking systems • Designed for massive parallel processing • Large set of networking HW accelerations • Best for L2-L7 data plane processing

A single NPS-400 can deliver network processing capacity equal to 48 servers

(full rack) with power of less than one server Sing

le T

hrea

ded

Perf

orm

ance

© 2016 Mellanox Technologies 19

Data Center Network

Edge Router

TOR Switch

Rack of Servers

Appliances and Services Blades

An NFV network layer can be located in multiple network elements

© 2016 Mellanox Technologies 20

TOR Switch

Rack of Servers

Edge Router Appliances and Services Blades

Replace an ASIC-based TOR switch with a Smart NFV TOR: Network layer processing for VNFs Complete offload of vSwitch and network overlay Minimum server I/O overhead Significant reduction in cost and power

Smart NFV TOR

Smart NFV TOR Switch

© 2016 Mellanox Technologies 21

TOR Switch

Rack of Servers

Appliances and Services Blades

Edge Router

Smart edge router to facilitate an effective NFV architecture:

Deep packet classification for mapping traffic into flows and service chains

Dynamic load balancing among various distributed VNFs

Accommodate many subscribers and service chains

NFV Enabled Edge Router

NFV Enabled Edge Router

© 2016 Mellanox Technologies 22

TOR Switch

Rack of Servers

Blade or appliance with network processing resources:

Virtualized on-demand services per VNF

Servers and VNFs throughout the data center

Appliances and Services Blades

NFV Accelerated White Box/Appliances/Blades

Edge Router

NFV Service Blade/Appliance

© 2016 Mellanox Technologies 23

NPS in the Data Center

Smart NFV TOR

NFV Enabled Edge Router NFV Accelerated White Box/Appliances/Blades

Complete offload of vSwitch and network overlays

Network layer processing for VNFs

Mapping traffic into flows and service chains

Dynamic load balancing among distributed VMs & VNFs

© 2016 Mellanox Technologies 24

Summary

SDN & NFV virtualize the cloud network

Improve network agility, efficiency & cost

Network performance, scalability & management challenged

One NPS is equivalent to a rack of servers for network processing

NPS enables smart edge routers, TOR switches & appliances

For use by all network equipment and software vendors

Thank You