summit 16: arm mini-summit - nxp qoriq nfv solutions - nxp semiconductors
TRANSCRIPT
ARM Mini SummitNXP QorIQ NFV Solutions
Sam FullerHead of Strategy and Solutions
NXP Semiconductors
NFV Motivates a New Vision for the NetworkTransform the Network – inspired by cloud computing
Many diverse,
custom systems
Fewer,
homogenousCOTS systems Standardize on fewer COTS components
Virtualize services to support scale out solutionsSimplify services into rudimentary elements
Migrate control and management policy to central location
Place virtual workloads to reduce cost, increase value
VM VM VM
Vir
tual
ize
Cen
tral
ize
Clo
ud
ify
SDN Controller
Our Key NFV Message
Virtual Network Functions will be distributed throughout the network1
2
3
A common ecosystem will be shared throughout
Virtual Network Functions Infrastructure will be optimized for placement-specific needs
Scale-out performancePerformance Efficiency
NFV Use-cases and Deployment Trends
Source: 2015 Infonetics NFV SP Survey
Deployment Spread Across the NetworkNot just Data-Center, Platform-as-a-Service
Distributed NFV : Don’t Replace Networking With Computing; Blend them
• Systems in the field provide• I/O, Acceleration• Low latency
• The NFVI must be capable of geographic distribution• VNF hosting distributed throughout network• Capability, capacity, context determine where VNFs run
• Services can be chained across domains
Rigid Data Center Centralization Intelligent Flexible Cloud
NFV
ComputingNetworking
Data Center
Distributed NFV places workload where it is most efficient and leverages local acceleration – yielding greater performance/W
NXP Focus
Open Platform for NFV – Mapping to Hardware
• Virtualized Datapath Protocol OffloadsIPSec tunneling, Virtual forwarding (OvS),Traffic Control
• Virtualized Access to Accelerators Using virtioInterfaces
Crypto, Ipsec (protocol offload), veth (logical switch ports), etc.
NFV Compute Node
Open, Scalable, Performance / Cost Optimized SolutionSoftware Fully Compatible with Open Standards Using Virtualized Acceleration
General Purpose Processors (ARMv8)
Software Virtualization Layer (SDN)
Instance(VNF)
Instance(VNF)
Instance(VNF)
Hardware Virtualization Layer
Network IO High Speed Serial IOI/O Processing
Virtual Forwarder(Open vSwitch Datapath)
Virtual Forwarder (OVS)
Standard Installation Environment
Coherent Interconnect
CPU MemoryHierarchy
Acceleration I/O
• Driving standardization Linux, ODP, Virtio, DPDK
• Driving relevant open standards bodies ETSI NFV, OPNFV (DPACC), ONF, LNF
• Standard SW installation environment• UEFI, ONIE, ACPI, uboot
Platform-independent binary application images
Standard Virtual Platform with transparent (virtualized) acceleration
What Can/Should Be Accelerated?
• Networking Domain• Switching
• Routing
• Cryptography (IPSEC tunneling)
• Computing Domain• Virtualization
• Virtualized IO
• Pattern Matching (DPI workloads)
Some possible workloads/algorithms that would benefit from HW accelerationSome possible workloads/algorithms that would benefit from HW acceleration
LS1012A
• 1 Gbps Crypto
• 1-2W
LS1043A
• 2-3 lite-VNF
• 10 GigE
• 5 Gbps Crypto
• 5-10W
LS2080A
• 6-8 heavy-VNF
• 8x 10 GigE
• 20 Gbps Crypto
• 20-35W
Home, SMB, Gateway Routers &
Access Points
Virtualized Edge & CPE Networking Equipment
Cloud NFV Infrastructure
LS1046
• 3-4 lite-VNF
• 2x10 GigE
• 10 Gbps Crypto
• 10-12W
Industry’s most scalable ARM64 communications processor line-up
LS2088A
• 8 - 10 heavy-VNF
• 8x 10 GigE
• OVS Offload
• 20 Gbps Crypto
• 30-45W
LS1088A
• 6-8 lite-VNF
• 2x 10 GigE
• OVS Offload
• 10 Gbps Crypto
• 15-20W
LEADING THE 64-BIT ARM® WAVE IN NETWORKING
LS1023A
• 10 GigE
• 5 Gbps Crypto
• 2-5WLite VNF – Under 1Gbps throughputHeavy VNF – Greater than 1 Gbps throughput
Virtualizable CPE with QorIQ LS1088A
OpenFlow
Agent
QorIQ LS1088A OPNFV Platform
vSwitch
OA Router vNF1
Veth-port
ODPODP
User Space
Kernel Space
KVM Hypervisor
Veth-port
Supports fully compliant OPNFV platform
VNF source compatible using DPDK API
6-8 Lite vNFs with dedicated cores
OVS Offload frees up GPP core(s) AND significantly improves network throughput (>5X vs. single GPP core)
IPSEC HW Acceleration increases CPE capacity
Significant cost savings
1G Eth 1/10G Eth
vNF2
Veth-port
ODP
Router Firewall
Veth-port
ODP/DPDKODP/DPDK
Veth-port
DPI
Veth-port
ODP/DPDK
OvS Offload Hardware
1G Eth 1G Eth 1/10G Eth
Power and Cost Optimized for Use at Premise and Network Edge
IPSEC Offload HW
vCPE Smart Edge and Dynamic Service Chaining
eth0IPSEC
Service Provider Edge/Cloud vCPE
Internet
Controller Node
-> OpenstackController-> OpenContrail-> Floodlight Controller
vNF Bring up: Controller will boot default vNF’s on LS2085A and LS1043A using Openstack controller. Service Chaining: Contrail traffic policy is to forward all traffic through Firewall vNF of LS1043 and
LS2085 to provide safe Internet access to enterprise clients
vRoutervRouter
vhost0
eth0 ni1
vhost0
wlan0
Service Chaining: Using OpenContrail user can select particular vNF’s to be part of the Traffic Policy on LS1043 and LS2085 eg: adding Reputation Service & Global Threat Analysis in service chain on LS2085 and App ID on
LS1043.
Traffic Flow: After adding App ID vNF on LS1043 & Reputation Service & Global Threat Analysis vNF on LS2085ARDB using Contrail GUI
vNF
Firewall
vNF
Firewall
vNF
DHCP & QoS
vNF
IPSEC
vNF
App ID
vNF
Global Threat
vNF
Rep. Service
NXP QorIQ NFV Platform
• ARMv8: LS1043, LS1046, LS1048, LS1088, LS2080, LS2088Standard Hardware Platforms
• CentOS, Debian, Ubuntu with UEFIStandard Linux Distro
• KVM, QEMU, DockerStandard Virtualization components
• OP-NFV: OpenDayLight, OpenStack, Open ContrailStandard Orchestration and
Management
• DPDK, ODP, OVS, VirtioStandard API and libraries
• vFirewall, vNAT, vRouter, vVPNReference Virtual Network Functions
• Benchmarks, User-guide, DocumentationOut-of-the-Box Experience
Data Center vs. Premise/Edge Deployments
Data Center
Premise Edge
Each of these systems needs to:Support virtualized/containered workloadsSupport remote managementSupport common MANO framework
Platform Software will be optimized for each systemPlatform Software will be optimized for each system
NXP, the NXP logo and QorIQ are trademarks of NXP B.V. All other product or service names are the property of their respective owners. ARM is a registered trademark of ARM Limited (or its subsidiaries) in the EU and/or elsewhere. All rights reserved. © 2016 NXP B.V.