– Dan Joe Barry, vice president of marketing, Napatech, says:
We are living in an age of unprecedented change, coming at us faster than at any other time in history. In fact, 90 percent of the world’s known data has been generated in just the last two years. This is the age of 100 Gbps, and it slows for no one. This is both exciting and challenging for providers of network management and security applications, who will need to create scalable solutions and determine how to reliably increase performance at connections up to 100 Gbps while reducing risk and time-to-market.
They must also effectively manage and secure networks while still handling a varied portfolio of 1, 10, 40 or even 100 Gbps products. Network services are agnostic to connection speeds and analysis will have to be performed at the same level across speeds ranging from 1 Mbps to 100 Gbps. Below is a list of best practices to ensure the network of today can move successfully into the 100G era.
- Full Line Rate
No matter the frame size, high-speed solutions are now required to capture network traffic at full line rate, with almost no CPU load on the host server, for all frame sizes. Full line-rate packet capture with zero packet loss, frame buffering and optimal configuration of host buffer sizes removes the bottlenecks that can cause packet loss. It also reliably delivers the analysis data that network management and security solutions demand. Zero-loss packet capture is critical for applications that need to analyze all the network traffic in real time.
To ensure that no data is lost, frame buffering can be used to absorb data burst. It can also remove application limitations, allowing frames to be transferred once the burst has passed. PCI interfaces provide a fixed bandwidth for transfer of data. This can limit the amount of data that can be transferred from the network to the application. Frame buffering is a critical feature for high-speed network analysis.
- Network Protocol Information
With frame classification, details on the type of network protocols being used provide understanding and insight required by next-generation network analysis. For users who want to monitor network traffic in the most efficient way, it is important to be able to recognize as many protocols as possible, as well as extract information from layer 2-4 network traffic. Header information for the various protocols transported over Ethernet must be made available for analysis. This includes encapsulation and tunneling protocols.
- Time Sensitivity
High-speed analysis applications sometimes need to know when something happened, and the amount of delay in the network. Assuring quality of time-sensitive services and transactions is often essential and requires high precision. In 100 Gbps networks, nanosecond precision is essential to assure reliable analysis. At 10 Gbps, an Ethernet frame can be received and transmitted every 67 nanoseconds. At 100 Gbps, this time is reduced to 6.7 nanoseconds.
When it’s necessary to identify when a frame is received, nanosecond precision time-stamping is critical. Precise time-stamping of each Ethernet frame allows frames to be merged in the correct order. The result is a significant acceleration of performance as Ethernet frames can now be grouped and analyzed in an order that makes sense for the application and is not restricted by hardware implementations.
- Examining Frame Flows
For insight into activity at a single point in the network, analyzing individual Ethernet frames is necessary. Network applications must be able to examine flows of frames that are transmitted between specific devices (identified by their IP addresses) or even between applications on specific devices (identified i.e. by protocol and UDP/TCP/SCTP port numbers used by the application).
To gain an overview of what is happening across high-speed networks up to 100 Gbps and then control the amount of bandwidth services are using, it is important to identify and analyze data flows. It also allows for intelligent flow distribution, where frames are distributed to up to 32 CPU cores for massive parallel processing.
- Data Reduction
Guaranteed delivery of real-time data with information that allows quick and easy analysis is a requirement for high-speed solutions. What will distinguish these is the ability to accelerate the performance of analysis applications. This can be achieved by reducing the amount of data to analyze, ensuring that applications are not overwhelmed and only processing the frames that need to be analyzed. One of the main challenges in analyzing real-time data in high-speed networks is the sheer volume of data. Reducing this amount of data can often accelerate the performance of analysis applications. This can be accomplished through features such as frame and flow filtering, deduplication and slicing.
- Faster Analysis
Providers of appliances need to maximize the performance of their analysis applications, so
100 Gbps solutions must provide acceleration features. These features must off-load data processing that is normally performed by the analysis application. Some examples of off-loading features are: intelligent multi-CPU distribution, cache pre-fetch optimization, coloring, filtering and checksum verification. These free up CPU cycles, allowing more analysis to be performed faster.
- Monitoring Tunneling Protocol
In situations where networks are outside the sender’s control, tunnels have been a secure and reliable transport method. Tunneling provides challenges because the data to be analyzed is encapsulated in the tunnel payload and must first be extracted before analysis can be performed. This is an extra and costly data processing step. By off-loading recognition of tunnels and extraction of information from tunnels, high-speed solutions can provide a significant acceleration of performance for analysis applications.
For mobile networks, all subscriber Internet traffic passes through one point, namely the GPRS Tunneling Protocol (GTP) tunnel between the signaling and gateway serving nodes, so this is especially true. Monitoring this interface is crucial for assuring quality of service. Next-generation solutions will open up this interface, providing visibility and insight into the contents of GTP tunnels. Analysis applications can use this capability to test, secure and optimize mobile networks and services.
Accelerating the Network Now
With this unprecedented acceleration capability, providers of network equipment will need to find solutions to help them stay one step ahead of the data growth curve brought on by the explosive growth in mobile data traffic, cloud computing, mobility and big data analysis.
Factors to consider in order to accelerate the network to 100G:
- A common Application Programming Interface (API) so that applications can be developed once and used with a broad range of accelerators. This allows combinations of different accelerators with different port speeds to be installed in the same server.
- Reliable hardware platforms to develop 100 Gbps analysis products. A 100 Gbps accelerator, for example, can intelligently manage the data that is presented for analysis, providing extensive features for managing the type and amount of data. Slicing and filtering of frames and flows, even within GTP and IP-in-IP tunnels, significantly reduces the amount of data. Look for deduplication features that can be extended in analysis software to ensure that only the right data is being examined.
- PCI-SIG® compliant products that can snap into any commercial off-the-shelf server will allow organizations to focus their development efforts on the application, not the hardware.
- Software suites that provide data-sharing capabilities to enable multiple applications running on the same server to analyze the same data. When combined with intelligent multi-CPU distribution, this allows the right data to be presented to the right analysis application, thus sharing the load. Intelligent features for flow identification; filtering and distribution to up to 32 CPU cores accelerate application performance with extremely low CPU load.
As the data deluge hits, technologies to help manage it all are arising as well. Organizations need to ramp up connectivity speeds, security applications and network management in order to remain relevant and serve their customers well. Using a common API, reliable hardware platforms and PCI-SIG® compliant products are some of the best practices to implement now.
About the Author:
Daniel Joseph Barry is VP of Marketing at Napatech and has over 20 years experience in the IT and Telecom industry. Prior to joining Napatech in 2009, Dan Joe was Marketing Director at TPACK, a leading supplier of transport chip solutions to the Telecom sector. From 2001 to 2005, he was Director of Sales and Business Development at optical component vendor NKT Integration (now Ignis Photonyx) following various positions in product development, business development and product management at Ericsson. Dan Joe joined Ericsson in 1995 from a position in the R&D department of Jutland Telecom (now TDC). He has an MBA and a BSc degree in Electronic Engineering from Trinity College Dublin.