V1.0 | ©6WIND 2014. All rights reserved. All brand names, trademarks and copyright information cited in this presentation shall remain the property of its registered owners.

SPEED MATTERS

V1.0 | 2©6WIND 2014

Network Architecture Transformation Towards Virtualization

Proprietary Hardware

Platform

Application

Proprietary Hardware

Platform

Application

Proprietary Hardware

Platform

Application

Applic

ation

Applic

ation

Applic

ation

Linux Has Bottlenecks

The Hardware Is Ready

Virtual Apps Are Limited

10/40/100G Server

Hypervisor

V1.0 | 3©6WIND 2014

The Promise of NFV

High Performance Data Plane is required to compete with

legacy architectures

Bring Network

Performance To

Virtualization

Replace

Expensive

Network

Equipment

V1.0 | 4©6WIND 2014

Performance Requirements for NFV

Hypervisor

Virtual Machine

Application

Linux

Virtual Machine

Application

Windows

Virtual Machine

Application

Any

OS

Virtual Machine

Application

Any

OS

Hardware Independence

High Performance East-West Communications

Throughput

V1.0 | 5©6WIND 2014

Limitations of Virtual Switching

Virtual Machine

Application

Linux

Virtual Machine

Application

Windows

Virtual Machine

Application

Any

OS

Virtual Machine

Application

Any

OS

High Performance East-West Communications

Hypervisor

Virtual Switch

Throughput

Hardware Independence

V1.0 | 6©6WIND 2014

Limitations of Single Root I/O Virtualization (SR-IOV)

Virtual Machine

Application

Linux

Virtual Machine

Application

Windows

Virtual Machine

Application

Any

OS

Virtual Machine

Application

Any

OS

High Performance East-West Communications

SR-IOVHypervisor

Hardware Independence

Throughput

V1.0 | 7©6WIND 2014

6WINDGate Packet Processing Software: High Performance, Transparency, Portability, Features

Fastest performance on the market; in both

physical and virtual environments

Transparent, no change to OS, hypervisor and

management (OpenStack)

Available across all market-leading platforms

Native support for layer 2 - 4 network protocols

Multicore Processor Platform

Fast

PathNetwork Stack

Control Plane

Fast

Path

Fast

Path

Fast

Path

V1.0 | 8©6WIND 2014

Networking

Stack

Control

Plane

Fast

Path

Transparent to Operating System

?Local

info

Local

info

Fast path packet

Continuous

synchronization

Exception packet

Synchronization

modules

V1.0 | 9©6WIND 2014

Linux Kernel

Fast Path

Linux / Fast Path

Synchronization

Orchestration

Existing Linux

applications are not

modified

Developing new

applications is pure

Linux development

Linux distribution

& hypervisor is not

modified

Linux running 6WINDGate is Linux

Networking

Control Plane

Quagga

Monitoring

3rd party and

customer

applications

V1.0 | 10©6WIND 2014

6WINDGate Removes Performance Bottlenecks

Perf

orm

an

ce

(Mil

lio

ns O

f P

ackets

Per

Seco

nd

)

...Fast Path Cores

...

Increase OS

stability by

offloading resource

intensive mundane

tasks Standard Linux

Becomes

Unstable

Performance benefits

scale with the

number of

processing cores

1 2 3 8 9 10 ...

V1.0 | 11©6WIND 2014

Ethernet

NICs

Transparent operation;

no change to OS,

hypervisor and

management

Solution available on

market-leading

processors and

software environments

Incremental path to new

architectures thanks to

support of a large

choice of NICs

6WIND at the Heart of a Rich and Open Ecosystem

Smart

NICs

OS and

Hypervisor

Processors

Hardware Platforms

DPDK

V1.0 | 12©6WIND 2014

6WINDGate Deployment Options

Linux

Application Software

Physical Network

Appliance

Virtual Machine

Linux (Guest OS)

Application Software

Software Network

Appliance

VM

Hypervisor

Linux (Host OS)

Virtualized Network

Appliance

VM

Any OS…

V1.0 | 13©6WIND 2014

Linux Userland

Linux Kernel

Linux Networking Stack

Fast P

ath

6WINDGate IP Forwarding

Architecture

Multicore Processor Platform

FP

N-S

DK

Forwarding

IPv4/IPv6

Other FP

modules

Shared memory

L3

forwarding

table

L2 ARP/NDP

table

Forwarding

IPv4/IPv6

statistics

L3

forwarding

table

L2 ARP/NDP

table

Linux / fast path

synchronization

(statistics)

Forwarding table

updatesNetlink

notifications

Routing

protocol

Linux / fast path

synchronization

(configuration)

V1.0 | 14©6WIND 2014

6WINDGate IP forwarding

performance

9.57 Mpps per core

Up to 226.83 Mpps with 40 cores

Performance scales linearly

with the number of cores

configured to run the fast

path.

Performance is independent

of frame size.

Intel IP Forwarding

Test Results

V1.0 | 15©6WIND 2014

Linux Userland

Linux Kernel

Linux Networking Stack

6WINDGate IPsec

Architecture

Multicore Processor Platform

IPsec SPD IPsec SADLinux / fast path

synchronization

(statistics)

Fast P

ath

IPsec

IPv4/IPv6

Other FP

modules

Shared memory

IPsec SPD

IPsec SAD

IPsec

IPv4/IPv6

statistics

Security table

updatesNetlink

notifications

IKEv1/v2Linux / fast path

synchronization

(configuration)

FP

N-

SD

K

Crypto

DP

DKIntel®

QuickAssist

Crypto

Intel® Multi-

Buffer Crypto

Cavium

NITROX SDK

5.X Crypto

V1.0 | 16©6WIND 2014

6WINDGate IPsec performance

(AES-128 HMAC-SHA1)

5.24 Gbps per core

for 1420B packets

Up to 193.27 Gbps using 40 cores

Performance scales linearly

with the number of cores

configured to run the fast path

Intel Multi-Buffer IPsec

Test Results

V1.0 | 17©6WIND 2014

Linux Kernel

Fast Path

Linux Userland

Linux Networking Stack

6WINDGate OVS Acceleration

Architecture

Multicore Processor Platform

FP

N-

SD

K

Open

vSwitch

Flow Table

Bridge

interfaces

Linux / fast path

synchronization

(statistics)

Flow table

updatesNetlink

notifications

Open vSwitch

Control Plane

Linux / fast path

synchronization

(configuration)

OpenFlow

Controller

Shared memory

OVS

Acceleration

Flow Table

Bridge

interfaces

OVS

Acceleration

statistics

OVS

Acceleration

LAG

Filtering

IPsec

VLAN

Other

protocols

V1.0 | 18©6WIND 2014

6WINDGate OVS L2

switching performance

6.8 Mpps per core

Nearly 70 Mpps using 10

cores (20 threads)

Performance scales

linearly with the number of

cores configured to run

the fast path.

Performance is

independent of frame size.

6WINDGate Accelerated OVS:

Over 10x Performance over Standard Linux

V1.0 | 19©6WIND 2014

Linux Userland

Linux Kernel

Linux Networking

Stack

Fast P

ath

6WINDGate TCP/UDP Termination

Architecture

Multicore Processor Platform

FP

N-S

DK

TCP/UDP termination

Shared memory

TCP/UDP

configuration

TCP/UDP

statistics

TCP stack

Linux socket

API

TCP

application

Other FP

modulesForwarding

IPv4/IPv6

TCP proxy TCP serverOther TCP

applications

Fast path

socket API

V1.0 | 20©6WIND 2014

Bandwidth performance remains stable with 5M active concurrent sockets

Performance is limited by IXIA capacity (using 15 cores)

6WINDGate TCP/UDP Termination

Bandwidth Benchmarks

V1.0 | 21©6WIND 2014

Typical Performance Bottlenecks

Hypervisor

Virtual Switch

Driver Level Bottleneck

Virtual Switch Bottleneck

Communication Bottleneck - Host vs Guest OS

Virtual Machine Bottleneck

Virtual

MachineApplication

Software

Virtual

MachineApplication

Software

Server Platform

V1.0 | 22©6WIND 2014

Drivers for Virtual Appliance

• 6WIND drivers for high performance

communications

• Standard drivers for existing Virtual

Appliances

• Extensible for all OSs

Virtual

Appliance

(DPDK-

based)

Virtual

Appliance

(Linux-

based)

Virtual

Appliance

(Other

OSs)

Virtio

Guest

PMD

Virtio

Guest

Linux

Virtio

Guest

6WINDGate Brings Networking Performance to Virtualized

Architectures

Fast

vNIC

PMD

NICs

Virtual Acceleration

• 6WIND drivers for high performance

communications

• Accelerated virtual switch and

bridging

• Extended network services

• Dpdk.org with multi-vendor NIC

support

Fast vNIC

PMD

Virtio Host

PMD

Intel PMD Mellanox PMD Emulex PMD

IPsecFiltering

NAT

Forwarding

OVS Acceleration

Ethernet Bridge

VLAN VXLAN

GRE LAG

Fast

vNIC

Linux

Fast

vNIC

V1.0 | 23©6WIND 2014

Fast P

ath IPv4/IPv6

Forwarding

MPLS/VPLS

Encapsulation

IPv4/IPv6

Multi-cast

Filtering

IPv4/IPv6

IPsec SVTI

VLANLink

Aggregation

NAT

GRE

TCP/UDP

Termination

Flow

Inspection

L2TP/ PPPoE

BRASGTP-UVXLAN

Tunneling

(IPinIP)

IPsec

IPv4/IPv6

Ethernet

Bridging

6WINDGate Module List for High Performance VNFs

Dis

trib

ute

d A

rch.

Fast path

extensions

Control

plane

extensions

Contr

ol P

lane

BFD SMR

L2TP,

PPPoE

BRAS

Routing /

Virtual

Routing

OVS Security

VRRP LACPVPN

Monitoring Hig

h A

vaila

bili

ty

LACP

Firewall /

NAT

Routing

ARP / NDP

DP

DK

Fast vNIC PMD

VMXNET3

Guest VMware

PMD

Intel®

QuickAssist

Crypto

VIRTIO Guest

XEN-KVM PMD

Intel® Multi-

Buffer Crypto

Cavium

NITROX SDK

5.X Crypto

Mellanox

ConnectX® -3

EN Series PMD

FP

N-S

DK

OVS

Acceleration

Emulex

OCE14000

Series PMD

QoS

Hardware

platform

independenceModular

virtualization

extensions

Complete

protocol portfolio

for VNFsGeneric

software

V1.0 | 24©6WIND 2014

VM

Any

OS

VM

Any

OS

VM

Linux

(Guest OS)

Application

Software

Hypervisor

6WINDGate NFV Solution

6WINDGate

networking data

plane technology

to develop high

performance

Virtual Network

Functions (VNFs).

…

1

6WIND Virtual

Accelerator for NFV

Infrastructure (NFVI)

based on virtual

switch acceleration.

2

Virtual

Accelerator

V1.0 | 25©6WIND 2014

VM

Any OS

VM

Any OS

VM

Any OS

1. 6WIND Virtual Accelerator for NFVI

Virtual

Accelerator

Hypervisor

Network hardware

independence for seamless

hardware upgrades

Support for Open vSwitch

and Linux Bridge with no

modifications

Complete virtual networking

infrastructure and multi-tenancy

High bandwidth for VM

performance, density and

communications

Transparent OpenStack

orchestration support

Physical NICs

V1.0 | 26©6WIND 2014

High performance Layer 2 – 4 packet processing software for

generic servers providing over 10x network performance vs.

standard software architecture

Extends Data Plane Development Kit (DPDK) with support for multi-

vendor NICs and crypto acceleration

Transparently accelerates Linux and virtualized networks

No impact on management

Applications: vRouter, vBRAS, vEPC, vCPE, vIPsec Gateways…

2. 6WINDGate for High Performance VNFs

V1.0 | 27©6WIND 2014

Service Provider Use Case:

6WINDGate Enables the Cost- Effective Transition to NFV

Virtualization of core

functions

Centralization of

access functions in

the core

Equivalent

performance for

physical and virtual

implementations

¼ cost vs physical

equipment

Server Platform

Virtual Machine

Hypervisor

Virtual Switch

Virtual Network

Function

Linux

Server Platform

Virtual Machine

Hypervisor

Virtual Switch

Virtual Network

Function

Linux

Server Platform

Virtual Machine

Hypervisor

Virtual Switch

Virtual Network

Function

Linux

V1.0 | 28©6WIND 2014

6WINDGate for EPC and vEPC

VM

PCEF,

ADC…

EPC vEPC

MME

SGW

PGW

Linux

PGW Application Software

VM

Mgmt

VM

MME

VM

SGW

VM

PGW

NFV InfrastructureHypervisor

Develop high performance

EPC in bare metal and

virtualized environments

Open high performance

networking platform for

NFVI based on virtual

switch acceleration

Develop high performance

EPC in bare metal

environments

Modularity and availability on

different hardware platforms

enable a progressive transition

from EPC to vEPC

V1.0 | 29©6WIND 2014

Cloud Provider Use Case:

6WINDGate Reduces VM TCO and Enables New Services

Increase VM

density

Increase

individual VM

performance

Enable new

services

No impact on

management

VM VM

Fast Path

6WINDGate DPDK

Fast vNIC PMD

OVS

Acceleration

Filtering

NAT

VM

VM VM

Leverage 40 G ports to

reduce costs by 75% per

port Fast Path

6WINDGate DPDK

Fast vNIC PMD

OVS

Acceleration

Filtering

NAT

VM

VM

VM

VM

VM

VM

VM

VM

VM

V1.0 | 30©6WIND 2014

Enterprise Use Case: Appliance Virtualization

Appliances are based on specialized

architectures

Rigid

High development costs

Long time-to-market

6WIND Virtual Accelerator enables

flexibility brought by virtualization and

removes Linux networking

performance bottlenecks on standard

servers

IPS

IPsec

GWFirewall

Load

Balancer

IPSIPsec

GW

Load

BalancerFirewall

Virtual

Accelerator

V1.0 | 31©6WIND 2014

VM

Linux

(Guest OS)

6WIND NFV Solution for vCDN

6WINDGate TCP

stack to develop

high performance

vCDN

applications.…

6WIND Virtual

Accelerator for NFV

Infrastructure (NFVI).

Virtual

Accelerator

Hypervisor

1

CDN Software

2

VM

Linux

(Guest OS)

CDN Software

V1.0 | 32©6WIND 2014

VM

Any OS

VM

Any OS

VM

Any OS

6WIND Virtual Accelerator Advantage

NICs

Virtual

Accelerator

Hypervisor

Network hardware

independence for seamless

hardware upgrades

Support for Open vSwitch

and Linux Bridge with no

modifications

Complete virtual networking

infrastructure

High bandwidth for VM

performance, density and

communications

Transparent OpenStack

orchestration support

V1.0 | 33©6WIND 2014

OpenStack Nova API

Instanciate VIF (Virtual Interface) to connect VMs to the host’s vSwitch (vNICs: (A) and (Q)) - virtio

OpenStack Neutron API

Get the networking configuration from the user’s intents and configure the datapath from the phyiscal ports to the vNICs

Example:

Linux Bridge

OVS

OpenDaylight

Alcatel Nuage

etc.

OpenStack networking

https://www.rdoproject.org/images/c/cc/Neutron_architecture.pngPerformance?

? ?

V1.0 | 34©6WIND 2014

Compute Nodes Neutron Diagram

dnsmasq

VM 1

eth0

tapYY…

qbrXX

qvbXX

br-int

qvoXX

qr-yyy

br-ex

eth0

qg-yyy

br-tun

eth1

patch-int

patch-tun

External Network

virtio / vhost device

Linux Bridge

veth Pair

OVS

Physical Interface

Network Namespace

OpenStack compute node (host)

tapzzz

IP

IP

IP

IP

qrouter-aaaa

qdhcp-bbbb

6WINDGate

6WINDGate

fast path

PMD PMD

PMD

V1.0 | 35©6WIND 2014

Compute

Node

Standard VM/VNF

(DPDK, Linux,

other OS)

Virtio

240Gbps 6WIND Virtual Accelerator

throughput on 12 cores of Xeon E5-2697 v2

@ 2.70GHz

1 core provides a 20Gbps Virtual Accelerator

bandwidth

Examples on a dual socket / 24 cores server

120Gbps North-South traffic delivered to standard

VMs or VNFs with 12 cores remaining for VMs

40Gbps North-South traffic with 20 cores remaining

for VMs

40Gbps North-South traffic and 160Gbps East-

West traffic for service chaining

6WIND Virtual Accelerator in OpenStack Compute Node

Standard VM/VNF

(DPDK, Linux,

other OS)

Virtual Accelerator

Physical

NICs

Virtual Switching

Open

vSwitch

Linux

Bridge

Multi-tenancy

GRE

VXLAN

VLAN

Virtual Networking

IP Fwd

VRFFiltering

NATLAG

Host

DriversVirtio

Virtio

V1.0 | 36©6WIND 2014

Network Node 240Gbps 6WIND Virtual Accelerator

throughput on 6 cores of Xeon E5-2697 v2 @

2.70GHz

1 core provides a 40 Gbps Virtual

Accelerator bandwidth

Examples

40Gbps North-South traffic on a dual socket / 24

cores server hosting both Network and Compute

Node on 6 cores, with 18 cores remaining for VMs

240Gbps North-South traffic on a single socket / 8

cores server feeding six 40Gbps Compute Nodes,

each hosting a 160Gbps service chain

6WIND Virtual Accelerator in OpenStack Network Node

Virtual Accelerator

Virtual Switching

Open

vSwitch

Linux

Bridge

Virtual Networking

IP Fwd

VRFFiltering

NATLAG

Multi-tenancy

GRE

VXLAN

VLAN

Physical

NICs

Host

DriversVirtio

V1.0 | 37©6WIND 2014

Vanilla Openstack - Linux Router + Linux Open vSwitch

x86 server with

4x10G Ports

Hypervisor

Linux Based

Virtual Machine

Open

vSwitch

IP Router7

Gbps

V1.0 | 38©6WIND 2014

7 Gbps

Boost Neutron with 6WIND’s Virtual Accelerator

x86 server with

4x10G Ports

Hypervisor

Virtual

Machine

Open

vSwitch

40

Gbps

Virtual

Accelerator

V1.0 | 39©6WIND 2014

6WIND Virtual Accelerator Integration

Enable NFV and Virtual Networking

Network Hardware Independence

Accelerated Open vSwitch or

Linux Bridging

High Bandwidth for VM Performance,

Density and Communications

Simple Integration for Turbo

Appliances and Third Party VMS

Hypervisor

Physical NICs

VM

Any OS

Turbo IPsecTurbo Router

V1.0 | 40©6WIND 2014