An open and modular architecture

But first, let’s set the context of the discussion. NFV and uCPE are built on the idea of moving from a closed network appliance to an open and modular system. The example below shows the following layers, from top to bottom:

• Virtual network functions (VNFs): the applications that implement network services such as routing, firewalls, SD-WAN, etc.
• NFV infrastructure (NFVI) software: the network operating system (NOS) that hosts the VNFs
• NFVI hardware: commercial off-the-shelf server from any of a wide variety of suppliers

Sounds great, right? We certainly believe it is. So what disinformation are the holdouts spreading?

Disinformation: uCPE adds excessive overhead

The NFVI software or NOS serves to abstract unique hardware requirements, provide a common operating environment for the VNFs, and provide management functions for the VNFs as well as the networking and platform. These are valuable functions, but what’s the cost of adding this additional software layer in terms of performance overhead? The defenders of lock-in spread misinformation, saying that the overhead is high and that the platform will not be able to meet the performance requirements for packet throughput and latency. But that’s just nonsense, and we proved it.

ADVA, 6WIND and Intel commissioned EANTC to do performance testing on 6WIND’s Virtual Service Router (VSR). The objective of the test was to compare the 6WIND VSR performance running directly on the server (AKA bare metal) with the performance while running in a virtual machine (VM) on ADVA’s Ensemble Connector. These tests were run on a pair of Dell VEP 1445 servers connected by an encrypted IPsec tunnel over a 10Gbit/s Ethernet link, as shown below. 

The report is available here, and the results are highlighted below.

The truth: Ensemble Connector adds minimal overhead

EANTC benchmarked a comparison of the encrypted performance of the 6WIND VSR on bare metal versus hosting the router as a VNF on Ensemble Connector. They ran these tests on a small footprint, low-cost processor without using Intel® QuickAssist Technology (Intel® QAT) hardware-based encryption acceleration. We can draw two conclusions from the results. First, the overhead for Connector virtualization is quite small. For large packets, running the router hosted on Connector was almost as good as bare metal, with only a 5% throughput reduction. Second, even without Intel® QAT, the encrypted performance of the 6WIND VSR was a very high 6Gbit/s in both bare-metal and VNF configurations. This is summarized in the chart below.

Disinformation: hardware acceleration requires bare metal

Another important question for open systems is whether the software VNFs have the same features running in a VM as they do when running on bare metal. Sometimes the holdouts will hobble their VNFs by removing features, such as the ability to leverage hardware acceleration enablers. One example of this is limiting access to Intel® QAT, which provides support for high-performance encryption operations. And sometimes the suppliers of these VNFs will use that missing feature to steer the buyer to a bare-metal implementation, enabling the supplier to lock in their win. But not 6WIND.

The truth: a truly open system enables all hardware features

The 6WIND VSR and Ensemble Connector can leverage Intel® QAT when available, as it is on the Intel Atom® CPU in the Dell VEP 1445. EANTC tested this also, and the chart below shows the acceleration provided by Intel® QAT.

For IMIX, we see an almost 60% increase in throughput and a 95% improvement for large packets. There is a small drop-off in throughput for small packets, but this is not a typical scenario.

Don’t let disinformation steer you wrong

At ADVA, we’ve worked hard to provide a truly open system for networking virtualization. It delivers high performance in software, and it can utilize any available hardware acceleration. These tests performed at EANTC show that we’ve achieved that goal – despite what the disinformers say. That means you can get the benefits of virtual hosting and high throughput performance – all at the same time.