WHITE PAPER
Intel® Architecture Processors
Networking and Communications

Open, Simplified Networking Based on SDN and Network Functions Virtualization

Part I of series discusses how network functions consolidated onto standard, high-volume servers, switches and storage reduce equipment, operational costs and time to market for new services.

Introduction

Today’s networks are overly complex, partly due to an increasing variety of proprietary, fixed-function appliances that are unable to deliver the agility and economics needed to address constantly changing market requirements. This is because network elements have traditionally been optimized for high packet throughput at the expense of flexibility, thus hampering the development and deployment of new services. Another concern is that rapid advances in technology and services are accelerating the obsolescence of installed hardware; and in turn, hardware isn’t keeping up with other modes of feature evolution, which constrains innovation in a more network-centric, connected world.[1]

Flexible networking architecture enables network operators to react more quickly and economically to an ever-evolving market landscape.

In response, the industry has begun to develop more interoperable solutions per the principles outlined by Software-Defined Networking (SDN) and a complementary initiative, Network Functions Virtualization (NFV). At the heart of these two approaches is the decoupling of network functions from hardware through abstraction. The end result is software workloads will no longer be tied to a particular hardware platform, allowing them to be controlled centrally and deployed dynamically throughout the network as needed. Moreover, network functions can be consolidated onto standard, high-volume servers, switches and storage, further reducing time to market and costs for network operators.
This white paper, written in three parts, describes an SDN/NFV-based network architecture using open building blocks, and provides implementation details for a switching model that combines physical and virtual switches. After reading these papers, one will be able to explain the rationale for this network transformation, describe the relationships among the various relevant components and open standards, understand how physical and virtual switching will co-exist, and learn how Intel® reference designs can help reduce development time.

Part I: SDN and NFV

SDN Objectives

The explosion of mobile devices and video content, server virtualization and the advent of cloud services are some of the trends driving the networking industry to reexamine traditional network architectures, according to the Open Networking Foundation (ONF).[2] The ONF is a non-profit consortium of more than 80 companies dedicated to the transformation of networking through the development and standardization of SDN.

The consortium points out that many conventional networks are hierarchical, built with tiers of Ethernet switches arranged in a tree structure. This design made sense when client-server computing was dominant, but such a static architecture is ill-suited to the dynamic computing and storage needs of today’s enterprise data centers, campuses and carrier environments.

SDN is an approach to building networks that accomplishes the following:
• Separates the control and data planes
• Provides a global view of the network to a centralized controller
• Enables external applications to program the network

How is SDN expected to impact network architecture? First, consider the simple representation of traditional networking on the left side of Figure 1, where vertically-integrated boxes supporting vendor-specific applications and services are located throughout the network. One downside is network intelligence is distributed, making the configuration and management of network elements rather arduous. When deploying new services today, network operators generally add fixed-function, packet processing appliances, creating a network that is difficult to power manage, costly to scale and cumbersome to expand.

The right side of Figure 1 shows an SDN implementation that separates the control and data planes. Network intelligence is centralized in software-based SDN controllers that have a global view of the network. As a result, the network can be more easily programmed by external applications, and network administrators can shape traffic from centralized control consoles without having to configure individual switches.[3]

Figure 1. An example of SDN transforming the network (left: Traditional Networking; right: SDN)

NFV Objectives

NFV was established to leverage standard IT virtualization technology in order to consolidate many network equipment types onto industry-standard, high-volume servers.[1] Illustrating this point, Figure 2 shows a variety of hardware-based appliances that could be replaced by software-based network functions running in virtual machines (VMs) on servers located in data centers, network nodes, end-user premises, and the like. These software-based functions include, but are not limited to, routing, policy management, security, deep packet inspection (DPI), billing management, offloading, spectral management and dynamic power management.

Figure 2. From purpose-built boxes to virtualized network functions running on standard servers (Mobility Management Element (MME), Packet Data Network Gateway (PDN) and Serving Gateway (SGW) shown as VMs)

To accelerate progress, a network operator-led Industry Specification Group (ISG) with open membership was created under the auspices of ETSI to work through the technical challenges for NFV. The first specifications are expected by the end of 2013.[4] The ISG seeks to address several challenges,[1] including:
• The development of high-performance, virtualized network appliances that are portable between different hardware vendors and work with different hypervisors.
• The management and orchestration of numerous virtual network appliances (particularly alongside legacy management systems), while ensuring security in the event of attack or misconfiguration.

By deploying network functions as virtual software applications, network operators can gain flexibility lacking in current network environments, and achieve cost reduction and service velocity already proven in enterprise data centers.

Key Benefits

The flexibility afforded by SDN and NFV can help network operators reduce both capital expenditures (CapEx) and on-going operational expenditures (OpEx), as well as achieving faster time to market for new services, as described in the following examples.

CapEx Savings

• Cut Hardware Cost – Benefit from the economies of scale of the IT industry by using high-performance, commercial off-the-shelf (COTS) servers to run virtualized network functions. These platforms typically cost significantly less than purpose-built appliances that employ specialty hardware components, like custom ASICs, FPGAs and network processors.
• Consolidate Network Equipment – Combine multiple network functions, which today require separate boxes, onto a single server, thereby reducing floor space and power cable routing requirements.
• Implement Multi-tenancy – Support multiple users on the same hardware platform capable of providing tailored services and connectivity with secure separation of application execution environments. Multi-tenancy allows a network operator to support multiple customers with less equipment.

OpEx Savings

• Shorten Development and Test Cycles – Run production, test, development and service upgrades on the same infrastructure using virtualization. This reduces the time required to set up a new sandbox and allows developers to run the software on the actual target hardware, making test results more reliable.
• Improve Operational Efficiency – Eliminate the one-off support requirements of application-specific hardware by employing standard servers that deliver higher uniformity across physical network platforms and are supported by a homogeneous set of tools. Centralized configuration and management is much easier and more efficient compared to using vertical or proprietary tools. Moreover, the skill set across the industry for operating standard, high-volume IT servers is much larger and less fragmented than for today’s telecom-specific network equipment.[1]
• Reduce Energy Consumption – Use power management features in standard servers, as well as dynamic workload rebalancing, to lower power consumption during off-peak periods. This is accomplished by routing the workload to a subset of the available resources and powering down the rest. For example, a given traffic profile may require eight processor cores during peak time, but only two cores during off-peak, such that six cores can be powered down.

Service Revenue Opportunities

• Boost Innovation – Enlist an emerging ecosystem of independent software vendors (ISVs), open source developers and academia on the cutting edge of virtual appliances.
The openness of SDN and NFV encourages a wide range of players that bring new capabilities to services development while decreasing risk for network operators.
• Deploy Services Faster – Add new services to network nodes by copying the associated software into a virtual machine (VM) instead of installing a network appliance, thus saving weeks or months. Virtualization also decreases the downtime for in-service software upgrades (ISSU) because application software modifications can be administered relatively easily and without taking the equipment offline.
• Target Service By Geography – Introduce a service to a particular geography or customer by downloading the necessary software only to applicable servers. In addition, the computing resources assigned to the service can be changed remotely, allowing easy scaling – up or down – as needed.

Networking Framework

SDN and NFV architecture combined consists of four layers, called orchestration, network applications, controller and node, as shown in Figure 3.

The orchestration layer contains an orchestrator that automates provisioning, coordination and management of defined services within a data center or telecom network. This layer also interfaces to external applications and systems. Orchestration functions can be carried out using a resource management tool, such as OpenStack* from the OpenStack Foundation. This cloud operating system controls large pools of compute, storage and networking resources throughout a network or datacenter, all managed through a dashboard that gives administrators control while enabling their users to provision resources through a web interface.[5]

The network applications layer contains network applications such as DPI, transcoding, traffic engineering, load balancing and path optimization.

The controller layer manages the network control plane, configures network devices, chooses the optimal network path for application traffic flows and handles requests from network applications. The controller communicates with network applications via a northbound API and the nodes via southbound application programming interfaces (APIs).

The node layer is the workhorse of the network. It’s typically a computation end point (e.g., cloud server), a gateway (e.g., network appliance) or a distribution point (e.g., top-of-rack switch).

The network state, configuration and treatment of traffic flows in the infrastructure layer are determined in the controller and “pushed” to the nodes over the control-data plane interface or southbound API.[6] For example, the API could be based on OpenFlow*, a programmable network protocol supported by various vendors. The technology consists of three parts: flow tables installed on switches, a controller and an OpenFlow protocol for the controller to talk securely with switches.[7]

Virtual switches can be created using proprietary software or open source alternatives such as Open vSwitch*, which can operate both as a soft switch running within the hypervisor and as the control stack for switching silicon. It has been ported to multiple virtualization platforms and switching chipsets.[8]

Figure 3. SDN and NFV network framework (layers: Orchestrator, e.g., OpenStack*; Network Applications; Northbound API; Controller; Southbound API, e.g., OpenFlow*, Open vSwitch*; Nodes: network appliances, switches, cloud servers, media gateways, EPC, C-RAN)

Intel® Architecture: A Flexible, Scalable Approach to Network Expansion

Intel® architecture provides operators a standard, reusable, shared platform for SDN that is easy to upgrade and maintain. Recent Intel® microarchitecture improvements have significantly reduced the need for specialized silicon, enabling network operators to take advantage of the proven scalability of modern, virtualized data center technology. Advantages of this approach include a streamlined network, and cost savings through hardware reusability and power reductions. The adoption of Intel® processor-based network components also enables network service providers to integrate solutions currently being developed by independent software vendors (ISVs) because it’s rather straightforward to compile and integrate code to run on Intel architecture. This capability will simplify the integration of these solutions into existing operating support systems (OSS).

With Intel architecture, there is a very rich, proven, extensive and powerful set of tools that increases developers’ productivity, delivers optimized code and provides exceptional consistency. Furthermore, the widespread use of Intel architecture has cultivated a robust, readily-available pool of talented and skilled programmers, which is in sharp contrast to many custom ASICs that require expensive, difficult-to-find, skilled programmers.

Network Transformation Strategy

In support of the network transformation enabled by SDN and NFV, Intel is developing capabilities that fall into three categories:
• Workload consolidation strategy: Consolidates all workloads running on a black box onto a white box based on Intel architecture processors
• Virtualization performance optimization: Minimizes content switching latency on standard, high-volume servers using Intel solutions
• Data plane and switching performance optimization: Maximizes the data throughput between VMs on nodes with SDN using virtual switching on Intel processor-based platforms and physical switching on Fulcrum switches

These three sets of capabilities that support network transformation are shown in Figure 4, and are explained in more detail in the following sections.

Intel’s 4:1 Workload Consolidation Strategy

Today’s wireless and wireline infrastructure can be quite complex, partly due to the diversity of computing platforms used to build network elements. For instance, a rack typically contains various bladed network elements that use different processor architectures. Maintaining these network elements requires expertise across different hardware platforms, operating systems and unique vendor technologies.

However, this need not be the case. Using Intel processors, it’s possible to transition from using discrete architectures per major workload – application, control plane, packet and signal processing – to a single architecture (Figure 4 - left side) that consolidates the workloads into a more scalable and simplified solution. This capability is key in enabling a flexible network per the SDN and NFV initiatives because it enables various network functions to run on a single platform at the same time.

The hardware platform is based on general-purpose server technology and has been optimized using the best practices of the communications industry. It has been designed to deliver the performance scalability (compute, memory and I/O scalability) needed to meet a network operator’s low to high-end system requirements. For the high-end, a server blade based on the Intel® Xeon® processor can deliver up to 160 million packets per second of Layer 3 packet forwarding performance.[9]

Figure 4.
How Intel® Architecture Is Supporting Network Transformation

Consolidating four workloads:
• Application processing is typically done on standard servers today.
• Control plane processing on Intel architecture is commonplace. With routing tables becoming larger and more complex, the sizeable caches and high performance cores of Intel Xeon processors converge on route table updates quickly.
• Data plane processing has been greatly accelerated by optimization techniques developed over several years at Intel. Developers can access these tools from the Intel® Data Plane Development Kit (Intel® DPDK).
• Signal processing is a viable option due to the continued improvements in Intel microarchitecture, including new instructions that efficiently execute data parallel workloads, such as digital transforms and filters.

Virtualized Network Applications

Although virtualization is generally viewed as a software technology, it’s worth noting that Intel has added hardware features to multiple platform components in order to improve the performance and security of virtualization. For instance, developers can augment software-based virtualization technologies with a complementary hardware-assist technology called Intel® Virtualization Technology (Intel® VT).[10] It performs various virtualization tasks in hardware, like memory address translation, which reduces the overhead and footprint of virtualization software and improves its performance. For instance, VM to VM switching time is significantly faster when memory address translation is performed in hardware instead of by software.

In addition, Intel VT increases the robustness of virtualized environments by using hardware to protect the software running in one VM from interfering with the software running in another VM. Along these lines, virtualization helps avoid unintended interactions between applications by preventing one from accessing another’s memory space.

Hardware-assisted virtualization is going beyond the processor, with enhancements made to other platform components, including the chipset and network interface controllers (NICs). This is why Intel developed several complementary virtualization technologies, described below.

• Intel® Virtualization Technology (Intel® VT) for IA-32, Intel® 64 and Intel® Architecture (Intel® VT-x) speeds up the transfer of platform control between the VMM and guest OSes by using hardware-assist to trap and execute certain instructions on behalf of guest OSes, relieving the VMM of such duties. These commonly used virtualization operations are very secure because they are performed in hardware and thus unalterable by hackers.
• Intel® Virtualization Technology (Intel® VT) for Directed I/O (Intel® VT-d) enables the VMM to securely assign specific I/O devices to specific guest OSes, where each device is given a dedicated area in system memory accessible only by the device and the designated guest OS. Hardware assistance speeds up data movement and lowers VMM activity, hence the processor load, because the VMM is no longer involved in every I/O transaction.
• Intel® Data Direct I/O Technology (Intel® DDIO) allows Intel® Ethernet Controllers and adapters to talk directly with the processor cache of select Intel Xeon processors. Intel DDIO makes the processor cache the primary destination and source of I/O data rather than main memory, helping to increase packet throughput, lower latency and reduce power consumption.
• PCI-SIG Single Root I/O Virtualization (SR-IOV) speeds I/O delivery and reduces the load on the VMM by allowing a PCI Express* device, such as a NIC, to present multiple instances of itself up to the OS instance or hypervisor. As a result, it’s possible to move packet data to and from the guest OS’s memory space using direct memory access (DMA) operation without VMM intervention. This is possible because the virtual function driver loaded into each VM has direct access to transmit and receive descriptors that point to the physical address where the packet data should be stored. This capability greatly speeds up packet throughput; however, since the use of SR-IOV creates a fixed relationship between a VM and physical memory, it may be more difficult to implement live VM migration, if so desired.

The age of complex, multi-architectural designs in telecommunications equipment is being replaced with leading-edge general computing architecture. Intel’s general computing architecture is capable of supporting the specific requirements of each workload, thus achieving true consolidation in a virtualized environment, as illustrated in Figure 5.

Figure 5. Virtualized network functions and applications

SDN for Communications and Networking

There are scalable Intel®-based platforms for all four layers of SDN architecture. For high-end networks, Intel Xeon processors are ideal for the orchestration, network applications and controller layers, as well as for virtualized switches in the node layer. Interoperable with virtual switches, Intel supplies the key components to build a physical switching platform for the node layer. It is based on the Intel® Ethernet Switch FM6764 for packet forwarding and an AMC module built with the Intel® Xeon® processor E5-26xx series for control plane functions.

Intel developed reference designs for physical and virtual switches, called respectively:
• Intel® Open Network Platform Switch Reference Design (Intel® ONP Switch Reference Design)
• Intel® Open Network Platform Server Reference Design (Intel® ONP Server Reference Design)

The high performance and flexibility of these designs is partly attributable to two key capabilities: accelerated packet forwarding and a common API between physical and virtual switches. Exceptional packet forwarding performance has been demonstrated using the Intel Data Plane Development Kit (Intel DPDK), a set of libraries whose source code is available for developers to integrate and/or modify for use in a production switch. The common API is called Open Networking Software (ONS), which implements OpenFlow and Open vSwitch, but also provides many more features that can make networks faster and more efficient.

For more details about how to implement the node layer, see Part II of this series titled, “Implementing SDN AND NFV with Intel® Architecture.”

Respond Quickly to Changing Market Requirements

To remain competitive, today’s network operators need to be able to respond to evolving markets and traffic types in a timeframe of hours and days rather than the months and years more typical of traditional carrier grade networks.

The latest Intel® Platform for Communications Infrastructure opens the door for network service providers to gain unprecedented flexibility and control over customer offerings through the use of SDN and NFV. By virtualizing network functions on Intel architecture, network operators can more easily add workloads, such as DPI, geographic load balancing and power management, needed for services and cost reduction – thereby improving the bottom line.

For more information about Intel® solutions for networking and communications, visit www.intel.com/go/commsinfrastructure.

[1] Source: “Network Functions Virtualisation – Introductory White Paper,” published October 22-24, 2012 at the “SDN and OpenFlow World Congress”, Darmstadt-Germany, pg. 3, 4, 9, http://portal.etsi.org/portal/server.pt/community/NFV/367.
[2] Source: “Software-Defined Networking: The New Norm for Networks,” ONF White Paper, April 13, 2012, pg. 3, 7, https://www.opennetworking.org/images/stories/downloads/white-papers/wp-sdnnewnorm.pdf.
[3] Source: “Software-defined networking (SDN),” by Margaret Rouse and Stan Gibilisco, June 2012, http://whatis.techtarget.com/definition/software-defined-networking-SDN.
[4] Source: http://www.etsi.org/news-events/news/644-2013-01-isg-nfv-created.
[5] Source: http://www.openstack.org/software.
[6] Source: “OpenFlow-Enabled Cloud Backbone Networks Create Global Provider Data Centers,” ONF Solution Brief, November 14, 2012, pg 5, https://www.opennetworking.org/images/stories/downloads/solution-briefs/sb-cloud-backbone-networks.pdf.
[7] Source: “FAQ: What is OpenFlow and why is it needed?,” Jim Duffy of Network World, April 14, 2011, http://www.networkworld.com/news/2011/041411-open-flow-faq.html.
[8] Source: http://openvswitch.org.
[9] Results have been estimated based on internal Intel analysis and are provided for informational purposes only. Any difference in system hardware or software design or configuration may affect actual performance.
[10] Intel® Virtualization Technology (Intel® VT) requires a computer system with an enabled Intel® processor, BIOS, virtual machine monitor (VMM), and for some uses, certain platform software enabled for it. Functionality, performance, or other benefits will vary depending on hardware and software configurations and may require a BIOS update. Software applications may not be compatible with all operating systems. Please check with your application vendor.

Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products.

Copyright © 2013 Intel Corporation. All rights reserved. Intel, the Intel logo, and Atom are trademarks of Intel Corporation in the United States and/or other countries.
*Other names and brands may be claimed as the property of others.
Printed in USA 0313/MS/TM/PDF 328827-001US