Stop Burning CPU Cores on Networking and Security

Limitations of SDN without Hardware Offload

With the transition toward network virtualization and software-defined networking (SDN), telecom operators have begun to realize that server CPUs alone are not enough.
As bandwidth requirements steadily increase, standard SDN running on CPU cores can no longer keep pace. Many networking and security functions are handled more efficiently in hardware; encryption and decryption, for example, are highly CPU-intensive tasks.
In cloud-based IaaS offerings, this cuts directly into profit margins. Cloud providers’ profits are tied directly to the number of virtual machines they can host on a single server; the more cores consumed by the network data plane, the fewer remain available to sell.
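To make the margin impact concrete, here is a toy calculation. The core counts and the data-plane share are illustrative assumptions, not measured vendor figures:

```python
# Illustrative only: hypothetical core counts, not measured vendor data.
def sellable_fraction(total_cores: int, dataplane_cores: int) -> float:
    """Fraction of a server's cores left to sell as vCPUs after the
    software data plane claims its share."""
    return (total_cores - dataplane_cores) / total_cores

# A 64-core server where a software data plane occupies 8 cores:
print(f"{sellable_fraction(64, 8):.1%} of cores remain sellable")  # 87.5%
```

Under these assumed numbers, one eighth of the server's sellable capacity goes to networking before a single VM is sold, which is exactly the overhead that hardware offload recovers.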
Running networking on software alone may have worked for 1GbE, but SDN struggles today to keep up with 40GbE, and it will need to support 100GbE and beyond in the years to come.
Processing networking data overburdens the server CPU: multiple (or sometimes all) CPU cores are required to handle common networking functions even at 10 Gbps of traffic. Above 40 Gbps, CPU-based processing suffers from high variability and poor predictability in both throughput and latency.
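A back-of-the-envelope cycle budget shows why CPUs run out of headroom. The sketch below assumes minimum-size 64-byte Ethernet frames plus the standard 20 bytes of preamble and inter-frame gap (84 bytes on the wire) and a 3 GHz core; both are illustrative assumptions, not figures from the article:

```python
# Cycle budget per packet for small-packet line rate on one core.
# Assumes 64 B frames + 20 B preamble/inter-frame gap = 84 B on the wire,
# and a 3 GHz core clock -- illustrative assumptions.
WIRE_BYTES = 64 + 20
CPU_HZ = 3.0e9

def cycles_per_packet(link_gbps: float) -> float:
    """CPU cycles available per packet on a single core at line rate."""
    pps = link_gbps * 1e9 / (WIRE_BYTES * 8)  # packets per second
    return CPU_HZ / pps

for gbps in (10, 40, 100):
    print(f"{gbps:>3} GbE: {cycles_per_packet(gbps):6.1f} cycles/packet per core")
```

At 10 GbE a single core has roughly 200 cycles per small packet, which is already tight for parsing, classification, and encryption combined; at 100 GbE the budget shrinks to about 20 cycles, far below what any software datapath can work with on one core.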
This is driving telcos and cloud providers alike to examine hardware offloading to avoid burning CPU cores on networking and security functions.

Hardware Alternatives for SDN

When it comes to offloading the datapath to hardware, there are a few options, in order from least to most efficient:
  • Multicore CPU
  • GPU / NPU (network processing unit)
  • FPGA (field-programmable gate array)
  • ASIC (application-specific integrated circuit)
While adding CPU cores could handle the datapath, it is usually not cost-effective and still falls short on performance. An NPU, which pairs a CPU with ASIC hardware, appears to combine programmability with high performance, but it has some notable drawbacks. First, performance declines as features are added. NPU code is also locked into the vendor for which it was written. Finally, NPUs cannot adapt to new requirements beyond the core capabilities of the underlying ASIC hardware.
An ASIC-based solution is certainly the most efficient. However, it is completely inflexible and cannot be adapted to evolving standards and requirements. ASIC-based hardware is locked into a given feature set, and it typically takes a long time to redesign.
FPGAs, on the other hand, combine inherent reprogrammability with ASIC-like performance. They can be programmed much like CPUs, yet they achieve hardware-level throughput, latency, and jitter, and their code can be ported with relative ease between competing FPGA manufacturers. FPGAs are therefore the optimal choice for hardware offload.

COTS Server CPU Offload to FPGA

Ethernity Networks offloads CPU-intensive tasks to its FPGA-based products, enabling its customers to stop burning CPU cores on networking and security.
With Ethernity’s ACE-NIC FPGA SmartNICs, the data plane and control plane are separated, and the data plane can scale economically, simply by adding ACE-NICs whenever there is a need for additional bandwidth.
Ethernity differentiates itself by offering a rich set of networking features that ensure carrier-grade deterministic performance, especially low latency and jitter. Only Ethernity combines deep expertise in carrier-grade networking solutions for communications service providers with expertise in FPGA software. Ethernity’s patented technology also reduces the required programmable logic by up to 80%, enabling the use of smaller FPGAs for more affordable acceleration solutions.
At Ethernity, we believe that you can stop burning CPU cores on networking and security tasks by offloading them to our ACE-NIC, which can perform those tasks more effectively. Offloading reduces operating expenses, including power and the cost of physical space, and provides increased deterministic performance for user functions such as vBRAS/vBNG, 5G UPF, and virtual routing.