Tuesday, November 24, 2015

Blueprint: Operationalizing NFV in the Face of 100G

by Dan Joe Barry, VP Positioning and Chief Evangelist, Napatech

A recent survey on the future of network appliances indicates that 100G will be the dominant speed rate in core, metro and access in 2018. How can we ensure that NFV is ready for this challenge?

Great strides have been made over the last three years in proving the viability of Network Functions Virtualization (NFV). Dozens of Proof of Concept (PoC) trials have proven that workloads can be migrated to virtual environments running on standard hardware, and there are even examples of carrier deployments using NFV. This is all thanks to the work of visionary carriers and vendors who recognize the need for a drastic change in how carriers do business if they are to survive and thrive in the future.

Thanks to this effort, the issue is no longer whether NFV will work; the issue is how we can make NFV work effectively so it will deliver on its promise. The issue is no longer whether a service can be deployed using NFV, but whether we can manage and secure that service in an NFV environment. In other words, the challenge now is to operationalize NFV.

Managing and securing services requires network appliances that can monitor and analyze network behavior. A recent survey by Heavy Reading on behalf of Napatech provides insight into how network appliances are being used today, progress on migrating network appliances to virtual environments and insight into the challenges that need to be addressed to ensure the success of this migration.

In “The Future of Network Appliances,” 47 percent of respondents considered network appliances for network management and security as essential, while a further 39 percent considered them valuable, reflecting a broad appreciation for the operational value of appliances. Survey responses also show that network management and security appliances are broadly deployed, especially for applications like network and application performance monitoring, test and measurement as well as firewalls, intrusion detection and prevention, and data loss prevention.

Nevertheless, the survey also showed progress in migrating network appliances to virtual environments, especially for the most widely deployed applications. 73 percent of carriers indicated that they intend to deploy virtualized appliances over the next two years. Network equipment vendors are responding, with 71 percent indicating that they intend to deliver virtualized appliances in the same time frame.

The top three challenges that respondents could see in delivering and deploying virtualized appliances were interworking with other vendor solutions (81 percent concerned or extremely concerned), security (79 percent) and throughput (80 percent).

But the most eye-opening challenge that the survey highlighted must be the extensive deployment of 100G network data rates in not just the core but also the metro and, most surprisingly of all, the access network. Survey respondents were asked to indicate the most common planned data rate for the core, metro and access networks in 2018. The responses showed that 75 percent of respondents planned for 100G as their most common data rate in the core and 71 percent planned to use 100G in the metro, while 58 percent planned to use 100G in the access network.

This will potentially prove to be the greatest challenge in virtualizing network appliances over the next three years. The first 100G physical network appliances are just now being introduced to the market. They are based on standard servers, as the majority of physical network appliances are today. However, they rely on high-performance network interface cards capable of providing the throughput required at these data rates.

Standard Network Interface Cards (NICs) cannot provide the performance required for these kinds of applications even at data rates of 10G. Recent benchmark testing of NFV solutions which are based on standard NICs have shown that there are serious performance challenges in using these kinds of products for high-speed applications even when using Data Plane Development Kit (DPDK) acceleration. Solutions based on bypassing hypervisors, such as Single-Root Input/Output Virtualization (SR-IOV), provide some relief, but come at the expense of virtual function mobility and flexibility.

Network management and security solutions are essential to the successful operation of virtualized networks and will need to be able to operate at 100G data rates within the next three years. One should therefore expect a reassessment of the need for alternative NIC solutions in NFV deployments. These need not be focused solely on network management and security virtualized applications, as the performance issues faced by these applications are similar to those that will be faced by other virtual appliances at high data rates. This technical challenge has already been solved in the physical world. Now it is merely a question of migrating these solutions to the virtualized environment to make sure that NFV is not only deployable but also operational, even at speeds of 100G.  

About the Author

Daniel Joseph Barry is VP Positioning and Chief Evangelist at Napatech and has over 20 years experience in the IT and Telecom industry. Prior to joining Napatech in 2009, Dan Joe was Marketing Director at TPACK, a leading supplier of transport chip solutions to the Telecom sector.  From 2001 to 2005, he was Director of Sales and Business Development at optical component vendor NKT Integration (now Ignis Photonyx) following various positions in product development, business development and product management at Ericsson. Dan Joe joined Ericsson in 1995 from a position in the R&D department of Jutland Telecom (now TDC). He has an MBA and a BSc degree in Electronic Engineering from Trinity College Dublin.

http://www.napatech.com/sites/default/files/the_future_of_network_appliances_by_napatech_and_heavy_reading.pdf